In this article, you will learn to set up to integrate Harvestr with your Google Workspace Identity Provider for SAML SSO. After setup, editors and contributors sign into Harvestr with their Google SSO login instead of email and password.
All you need is the following:
a Harvestr Enterprise subscription
an Editor account
access to your Google Workspace Admin console
Set up SSO
1. Open the Google Workspace Admin Console, select the Apps drop-down list, and then Web and mobile apps.
2. Select the Add app drop-down list and then Add custom SAML app.
3. In the App details page, enter any App name and Description values.
4. Select CONTINUE.
5. Select CONTINUE again to confirm the Google Identity Provider details page.
6. Go to the SAML SSO section of your Harvestr organization settings. Copy your ACS URL and Entity ID and paste them into the dedicated fields in the Google Workspace Admin Console.
Select EMAIL as the Name ID format.
7. Select ADD MAPPING to configure the following two mappings:
Google directory attributes
8. On the newly created App's page, click DOWNLOAD METADATA.
9. Open the file you just downloaded with a text editor and copy its content.
10. Return to the SAML SSO section of your Harvestr organization settings. Click on Enable and force SAML authentication for your organization.
Paste the content you copied in step 9 and select Enable and force SAML authentication.
11. Return to the SAML App's page in your Google Workspace Admin Console and click on the User Access section to expand it.
12. Activate the app for all the users who need it. You can activate the app for everyone or only for specific groups or organizational units.
Your teammates will now sign in to Harvestr with the Google Workspace SAML SSO.
Let teammates join your Harvestr organization with SAML SSO
Once you have set up the Google Workspace SAML SSO, your teammates must sign into Harvestr with their Google SSO login instead of email and password.
To have teammates join your Harvestr organization with SAML SSO, you have the following options: