You need super administrator access in Google Workspace and Organization Admin permissions in Plerion.
Steps to configure Google SSO
Log in to Google Admin console
Sign in to admin.google.com with a super administrator account.
Create a custom SAML app
- Go to Menu > Apps > Web and mobile apps.
- Click
Add app>Add custom SAML app. - Enter a name (e.g., “Plerion”) and click
Continue.
Download Google IdP metadata
On the Google Identity Provider details page, copy the SSO URL and Entity ID, and download the Certificate. Click
Continue.Configure the service provider details
- In Plerion, go to
Admin>Single sign-onand copy the SSO URL. - In Google, paste the URL as both ACS URL and Entity ID.
- Click
Continue.
Configure group membership for role mapping
- Under Group membership, click
Search for a groupand add the Google Groups that correspond to your Plerion roles. - In the App attribute field, enter the attribute name Plerion expects for role mapping (e.g.,
role). - Click
Finish.
Enable the app for your users
- On the app details page, click
User access. - Set the service status to ON for everyone and click
Save.
Configure trust in Plerion
- In Plerion, go to
Admin>Single sign-on>Edit>Trust.- Paste SSO URL into Single Sign-On URL
- Paste Entity ID into Identity Provider Entity ID
- Paste the contents of the Certificate file into x.509 Certificate
- Click
Configureto save.
Map attributes and roles
- In
Attribute mapping:- For Email, select Use SAML Name ID.
- For Roles, set the SAML attribute to the group membership attribute from Google (e.g.,
role).
- Map each Google Group to the corresponding Plerion role.