Setting Method for G Suite SAML Authentication

Settings for G suite

Settings in G suite must be done in advance.

You need to create an account with G suite with the same e-mail address used for your SKUID account.

Please refer to the manual provided by G suite for the latest setting procedure. 

Configure single-sign on for the Google account to be managed.

https://support.google.com/a/answer/60224?hl=ja

 

Activate SAML authentication

1Log into Google Admin console.

2Click [Security] [Set up single sign-on (SSO)] [Set up single sign-on (SSO)] [Set up SSO using 3rd party IDPs ]

3Tick [Set up SSO using 3rd party IDPs] to activate.

4Fill in the following setting items and click [Save] at the end.

a. Log-in URL

Please enter the following URL:

https://saml.sku.id/uas/saml2/SingleSignOnService

b. Log-out URL

Please enter the following URL:

https://saml.sku.id/uas/logout?returnurl=https://portal.sku.id/

c. Confirmation of authentication

Download a certificate file from the following link, and upload the file.

Certificate SKUID uses for signing

 

SKUID Administrator Panel Settings

1Log in to SKUID and select the [App] menu on [Administrator Panel].

2Click [Add app] button at the upper right of the screen, and search for the application name [G suite] on the [Company Application registration] screen.

3Click [G suite (SAML)].

4Fill in each of the following setting items and click [Register].

a. [Application name] is optional. Please input here when changing a display name.

b. For [Log-in URL], please enter the following URL:

 ※The URL completed with the domain name registered in your G suite (Replace the red parts) (example: sku.id.google.com)

https://saml.sku.id/uas/saml2/SessionRelayService?entityID= Registered domain name in G

suite.google.com&RelayState=https%3A%2F%2Fmail.google.com%2Fmail

[Name ID] cannot be changed. The e-mail address of each member’s SKUID account will be used.

For [Metadata], please save the following content and upload the file.

 *Replace the red parts below with your registered domain name for G suite, and save it as a file.

 

SKUID My Page Settings

1Click [Add app] on [My page].

2On [Application Registration] screen, select [G suite(SAML)] and click [Next] at the upper right of the screen.

3To change [Display name], enter a display name and click [Register].

4Please click on the application in the extension function and check whether the log in to G suite is successful.

 

 

 

Setting Method for G Suite SAML Authentication

Settings for G suite

Settings in G suite must be done in advance.

You need to create an account with G suite with the same e-mail address used for your SKUID account.

Please refer to the manual provided by G suite for the latest setting procedure. 

Configure single-sign on for the Google account to be managed.

https://support.google.com/a/answer/60224?hl=ja

 

Activate SAML authentication

1Log into Google Admin console.

2Click [Security] [Set up single sign-on (SSO)] [Set up single sign-on (SSO)] [Set up SSO using 3rd party IDPs ]

3Tick [Set up SSO using 3rd party IDPs] to activate.

4Fill in the following setting items and click [Save] at the end.

a. Log-in URL

Please enter the following URL:

https://saml.sku.id/uas/saml2/SingleSignOnService

b. Log-out URL

Please enter the following URL:

https://saml.sku.id/uas/logout?returnurl=https://portal.sku.id/

c. Confirmation of authentication

Download a certificate file from the following link, and upload the file.

Certificate SKUID uses for signing

 

SKUID Administrator Panel Settings

1Log in to SKUID and select the [App] menu on [Administrator Panel].

2Click [Add app] button at the upper right of the screen, and search for the application name [G suite] on the [Company Application registration] screen.

3Click [G suite (SAML)].

4Fill in each of the following setting items and click [Register].

a. [Application name] is optional. Please input here when changing a display name.

b. For [Log-in URL], please enter the following URL:

 ※The URL completed with the domain name registered in your G suite (Replace the red parts) (example: sku.id.google.com)

https://saml.sku.id/uas/saml2/SessionRelayService?entityID= Registered domain name in G

suite.google.com&RelayState=https%3A%2F%2Fmail.google.com%2Fmail

[Name ID] cannot be changed. The e-mail address of each member’s SKUID account will be used.

For [Metadata], please save the following content and upload the file.

 *Replace the red parts below with your registered domain name for G suite, and save it as a file.

 

SKUID My Page Settings

1Click [Add app] on [My page].

2On [Application Registration] screen, select [G suite(SAML)] and click [Next] at the upper right of the screen.

3To change [Display name], enter a display name and click [Register].

4Please click on the application in the extension function and check whether the log in to G suite is successful.