Platform9 supports single sign-on (SSO) with Google G Suite (G Suite).
To configure G Suite integration, you must have a G Suite Apps administrator account.
As a G Suite administrator, you can enable SSO through G Suite for other users in the organization. This enables the users to sign in to Platform9 Managed OpenStack, by using their G Suite credentials.
Enable SSO Through G Suite for Platorm9
Follow the steps given below to integrate Google with Platform9 for SSO.
Step 1 - Login to G Suite
Login to G Suite as the Apps administrator and follow the first few steps given in Google: Set up your own custom SAML application to set up your SAML custom app.
Step 2 - Create custom SAML app
From the "SAML Apps" page under the admin section, click the yellow plus sign in the bottom right-hand corner to begin adding a new SAML application, then click Setup my own custom SAML App.
Download the IdP metadata XML file and email this to email@example.com.
Then, click Next.
Step 3 - Configure basic app information
Specify the name and description of the custom app, and optionally upload a logo for the custom app.
Step 4 - Specify Platform9 (service provider) details
Specify the ACS, Entity ID, and Start URLs as follows.
- ACS URL: https://<controller url>/Shibboleth.sso/SAML2/POST</controller>
- Entity ID: https://<controller url>/keystone</controller>
- Start URL: https://<controller url>
- Select the Signed Response check box.
- Set the Name ID Format to "EMAIL".
Step 5 - Configure exported SAML attributes
Configure the Platform9-required the FirstName, LastName, and Email attribute mappings. Click Add New Mapping to add an attribute mapping.
Click Finish to complete the SAML application setup.
Step 6 - Create SSO Group Mappings in Platform9
After receiving a confirmation email that the Platform9 Support team has received your IdP metadata & enabled SSO on your environment, login to Platform9 Clarity UI as an administrator. Now, follow the steps 2 through 5 given in the Platform9 support article for single sign-on integration.
Once this is done, integration of G Suite with Platform9 for SSO is complete.
Thank you for your feedback! What did you like about this article?
Thank you for your feedback! How could this article be improved?
Thank you for your feedback!