Note: This document references views and actions that are only available to Echo Administrators
Accessing Google Admin Console
Using your Google Admin access, go to admin.google.com
To establish SSO using SAML for the Echo applications that aren't in the pre-integrated apps list:
- In your Google Admin console (at admin.google.com)
- Go to Apps Settings -> SAML Apps.
- Select the Add a service/App to your domain link or click the plus (+) icon in the bottom corner.
- Click Setup my own custom SAML App.
- The Google IDP Information window opens and the Single Sign-On URL and the Entity ID URL fields automatically populate.
- There are two ways to collect the service provider Setup information: We recommend - Download the IDP metadata, (you will need to rename it to idp-meta.xml before upload it into Echo's Integration Tab under Edit Settings from the Domain Detail page). Click Next.
- In the Basic Application Information window, add an application name and description.
- (Optional) Click Choose file next to the Upload Logo field to upload a PNG or GIF file to serve as an icon. The file size should be 256 pixels square.
In the Service Provider Details window, add an ACS URL, an Entity ID, and a start URL. The ACS URL, the Entity ID, and the start URL information should be entered as follows:
NOTE: replace USERSPACE with your schools Userspace/URL
- ACS URL: https://api.agilixbuzz.com/SAML/USERSPACE/Consumer
- Entity ID: https://api.agilixbuzz.com/SAML/USERSPACE
- Start URL: https://USERSPACE.echo-ntn.org/home
Leave Signed Response unchecked.
Click Add new mapping and enter a new name for the attribute you want to map.
Note: You can define a maximum of 100 attributes over all apps. each app has one default attribute, the total amount includes the default attribute plus any custom attributes you add. For example, if you have 25 apps you can't add more than 3 attributes to each. Once you add 3 custom attributes to each you've reached the maximum number of 100, because each of the 25 apps always has a default attribute.
In the drop-down list, select the Category and User attributes to map the attribute from the GSuite profile.
After you have click Finished this is your SAML Set up page:
Echo Settings for SSO
From Echo’s Domain Settings select Integration tab.
Select SAML from the Authentication Type.
Select the upload icon and select your idp-meta.xml file and click Upload:
NOTE: In the prior step you should have renamed your GoogleIDP Metadatafile however if you have not, please rename to: idp-meta.xml.
After upload select Open in new Window: If you do not, Google will not load in the iFrame window.