Navigate
or
Contact Us
Subscribe Download PDF

Wasp Cloud products: SSO setup with Google App SAML: Required fields, XML file, and other info

Scott Leonard
2023-03-15
in FAQs

This summary clarifies settings that can be confusing or have different names. Be sure to refer to the specific Help page (if there is one) for each Identity Provider in case there are further details and settings.

----------------------

Identity Provider (IdP): The non-Wasp service that provides user authentication for access to the Wasp product.

Service Provider (SP): The Wasp Cloud software product.

SSO Prerequisites: User and group/role setup that match names.

----------------------

Wasp settings, SAML Service Configuration Valid checkboxes (at the bottom of the page)

Include RequestedAuthnContext
This should always start unchecked. This should only be checked for backwards compatibility if validation fails, due to using an older SAML server.

Google App:


Always force SAML signature validation
This Wasp setting depends on what is set on the IdP (Identification Provider). Generally, if the IdP requires verification certificates for signature validation, check this box.

Google App:

----------------------

SAML Claims/Name ID: Unique identifier for the user. Wasp requires this to be the user's email address.

Google App: Name ID: Basic Information, Primary Email

----------------------

SAML IdP Service provider Metadata file: Download the XML file to your PC from the (non-Wasp) authentication provider configuration page. Upload this saved file in the Wasp SSO settings page.

In the unlikely event that the XML file is not available, an alternate set of 3 items (from your SAML IdP Administrator) can be used: the SAML URL, 509 Certificate, and Issuer values.

Google App: Apps, SAML apps, Step 2 of 5 Google IdP Information, Option 2, IDP metadata, Download button.

----------------------

SSO URL: May be referred to as "SSO Service URL", "SAML Post URL location", or "SAML Assertion Consumer Service (ACS) URL".
Found in Wasp's Settings page, in the form
https://YourTenant.waspassetcloud.com/Account/Saml
https://YourTenant.waspinventorycloud.com/Account/Saml

Google App: ACS URL

----------------------

Entity Id: Found in Wasp's Settings page, in the form
https://YourTenant.waspassetcloud.com
https://YourTenant.waspinventorycloud.com

Google App: Application Name, Entity ID, Start URL

Related Pages