SSO Configuration
Navigate to https://admin.google.com/
Once there, on the sidebar menu navigate to Apps > Web and mobile apps and click “Add app” and select “Add custom SAML app”
App Details (Step 1)
Enter the following information in the form:
“App Name” is DeleteMe SAML
“Description” is DeleteMe SAML Integration
Then select continue
Google Identity Provider details (Step 2)
Under “Option 1: Download IdP metadata” select “DOWNLOAD METADATA”
This will download a file of credentials that DeleteMe can use to set up the SAML on their end. Keep track of where this file is being downloaded.
Select continue.
Service Provider details (Step 3)
Enter/Select the following information into the form:
ACS URL is https://prod1-abine-idp.auth.us-east-1.amazoncognito.com/saml2/idpresponse
Entity ID is urn:amazon:cognito:sp:us-east-1_DVSXvqzyB
Name ID format is EMAIL
Name ID is Basic Information > Primary email
Select Continue.
Attribute Mapping (Step 4)
For each of the following mappings select ADD MAPPING then select the corresponding Google Directory attributes field and copy and paste the corresponding App attributes url below into the input box.
- Primary Email -> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
- First Name -> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
- Last Name -> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
- Country -> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country
Add Groups to Access DeleteMe SAML (Step 5)
Navigate back to the Apps > Web and mobile apps screen and you should see your new DeleteMe SAML App shown in a list.
Click on the row of that table and that should bring you to the following screen displaying details of the DeleteMe SAML app.
In the box that says User access, it should say OFF for everyone. Click on that and it should take you to the screen where you can set access to the app for people.
Here you can now choose one or multiple groups to give access to the DeleteMe SAML application.
To add a group select a group and then select the ON checkbox and then SAVE
Members of that group will be able to use SSO to login into DeleteMe.
Share Metadata with DeleteMe (Step 6)
Share the metadata file you downloaded in Step 1 with your customer success representative from DeleteMe. They’ll complete the SSO integration setup on DeleteMe’s side and notify you when it’s complete.
Start Logging In Using SSO
Once DeleteMe has confirmed that your SSO integration is complete you can begin logging in via SSO by following the steps below:
Members:
- Navigate to your Tenant’s login page (i.e. https://xxxxxx.joindeleteme.com where xxxxxx is your Tenant’s subdomain)
- Click the Orange Button lableled “Log In Via Single Sign-On” and you will be asked to log into your identity provider (Google Workspace) and then you’ll be redirected to your DeleteMe Account Dashboard.
Admins:
- Navigate to your Tenant’s Admin login page (i.e. https://xxxxxx.joindeleteme.com/login where xxxxxx is your Tenant’s subdomain) or go to your standard member login page (i.e. https://xxxxxx.joindeleteme.com) and choose the “Admin Login” button in the top right hand corner
- Click the orange button lableled “Log In Via Single Sign-On” and you will be asked to log into your identity provider (Google Workspace) and then you’ll be redirected to your DeleteMe Admin Dashboard.
Customizing SSO Settings
There are several settings related to your SSO configuration that can be adjusted via DeleteMe Admin Portal Settings > Member Onboarding > Member & SSO Settings
“Member Onboarding via Invite Only” allows you to require members from your Identity Provider (Google Workspace) to be invited through the Admin Portal before they are able to sign up using Single Sign-On.
“Disable Member SSO on Login Page” allows you to remove the “Login via Single Sign-On” button from your Tenant’s Member Login page.
“Disable Admin SSO on Login Page” allows you to remove the “Login via Single Sign-On” button from your Tenant Admin Login page.
“Default Membership (SSO and Self Registration)” allows you to select the default plan that will be given to members of you organization when they self register through SSO.
Comments
0 comments
Please sign in to leave a comment.