The following steps will lead you through the process of setting up single sign-on thru Google. You will use the Google Administrator Dashboard to add an application and view the values that are specific for your organization. This will allow all authorized users at your company to use Google for accessing Tesorio.

Step 1

Adding Tesorio as SAML application in the Google Apps admin console

  • Log in to your Google Admin account, go to Apps > Web and Mobile apps

  • Then click Add app/Add custom SAML app.

Step 2

Add Custom SAML app

Define an App name Eg. Tesorio

Then click next to get to set Google Identity Provider details

From the Google Identity Provider details please download the metadata file and send us that file in order to link that file to your company account.

In the next page called Service provider details please add the following URLs:

Property

Value

ACS URL

https://dashboard.tesorio.com/saml/acs/

Entity ID

https://dashboard.tesorio.com/saml/acs/

Name ID format

EMAIL

Name ID

Basic Information > Primary email

In the next page called Attribute mapping please set the following values by selecting the dropdown property in Google Directory attributes and fill the App attributes as shown in the next screenshot:

To add more mappings please click the Add Mapping button and repeat the process until complete the mappings for First Name, Last Name and Primary email.

Attribute

Value

First name

FirstName

Last Name

LastName

Primary email

Email

Step 3

Enable user access for Tesorio app

Once you finish Step 2 you should see a screen like this:

Here you can validate the ACS URL and the SAML attribute mapping. The last step required to complete the process is enable the user access for this app. Please click the link below User access called View details. After clicking that link you should see this next screen:

Please set ON for everyone so the users can now access Tesorio Dashboard using Google SSO.

Step 4

Send Metadata

In order to add SAML information in Tesorio please send us the file downloaded in Step 2: Google Identity Provider details.

Step 5

Final setup

Once we update the metadata you will be able to connect using Google SSO, you will have the ability to log out, and log back in using the “Single Sign-On” option in order to test the SSO connection.

Did this answer your question?