Pular para o conteúdo principal

Google Workspace (SAML)

This guide configures Casdoor as a SAML identity provider for Google Workspace single sign-on.

Add a certificate in Casdoor

Create an X.509 certificate with RSA in Casdoor and download it.

Adicionar cert

Configure the SAML application in Casdoor

  1. On the application edit page, select the certificate and add your Google domain (e.g. google.com) to Redirect URLs.
  2. Set SAML reply URL to https://www.google.com/a/<your-domain>/acs. See SSO assertion requirements for the ACS URL.
  3. Copy the Sign-in page URL for the next step.

Selecionar cert e adicionar URLs de redirecionamento Enter the SAML reply URL field Copie o URL da página de login

Add third-party SAML IdP in Google Workspace

  1. In Google Workspace AdminSecurityOverview, find SSO with third-party IdP.
  2. Click Add SSO profile and enable Set up SSO with third-party identity provider.
  3. Paste the Casdoor sign-in page URL into Sign-in page URL and Sign-out page URL.
  4. Upload the certificate you downloaded from Casdoor and save.

Configurar Google Workspace

Test with a user

  1. In Google Workspace, create a user (e.g. username test).
  2. In Casdoor, create a user with the same username in the correct organization and set their email.

Adicionar um usuário no Google Workspace Adicionar um usuário no Casdoor

Sign-in flow: open the Google app (e.g. google.com) → sign in with the user’s email → redirect to Casdoor → enter Casdoor credentials → redirect back to Google when successful.

Resultado final