All Collections
Single Sign On (SSO) Integration
How to connect G-Suite SSO
How to connect G-Suite SSO

Find out how to set up Google SSO on AirMason

Judith avatar
Written by Judith
Updated over a week ago

Organization URL:

In this article, we'll be referencing this URL at a couple of places. You can figure out what to use there by going to Manage Organization > Configuration

If you've custom domain setup on AirMason
- then your Organization URL will be your custom domain (Eg: handbooks.johnsmithweb.com)
- otherwise it will be books.airmason.com/<company-handle>, where <company-handle> is company handle that you've set up. (Eg: books.airmason.com/johnsmith)

Setting up AirMason app on G-Suite:

  1. Login into https://admin.google.com/ac/home using google admin account

  2. Then follow these steps to create Google saml app

    1. Go to “Apps” > “Web and mobile apps”

    2. Click Add App and click Add custom SAML app

  3. App details

    1. App name = AirMason

    2. App Icon

      1. Click on image to download and save the AirMason logo

    3. Click continue

  4. Google Identity Provider details

    1. Click continue

  5. Service provider details

    1. ACS URL and Entity ID is your https://organization URL/gg_sso/saml2

    2. NAME ID should match the following image

    3. Click continue

  6. Attributes

    1. Match your mapping with the following image:

    2. Click Finish

  7. Once the app is created, go to “User access” and select employees you want to give access to.

Connecting G-Suite SSO app to AirMason:

  1. Go to G-Suite app and click on "DOWNLOAD METADATA" button
    1.1. Your browser URL should be looking something like this:
    https://admin.google.com/u/1/ac/apps/saml/587527004653 . In this example URL, 587527004653 is AppID. Copy your AppID from your URL (we would be using it later)
    1.2. From the download metadata page, copy your Entity ID and Certificate
    1.3. From your Entity ID field, copy idpid. If Entity ID looks like this https://accounts.google.com/o/saml2?idpid=C03e14v76 then C03e14v76 is idpid.

  2. Now, login to airmason.com and go to Integrations page

  3. Select GSuite app from SSO applications and click on Connect and set the following params:
    3.1. Issuer URL as Entity ID value from Step 1.2.
    3.2. Certificate as Certificate value from Step 1.2.
    3.3. SAML 2.0 Endpoint as https://accounts.google.com/o/saml2/initsso?idpid=<idpid>&spid=<AppID>&forceauthn=false (replace <AppID> with your AppID value from step 1.1. and <idpid> with your app's idpid from step 1.3.). Your final URL should look something like this:
    https://accounts.google.com/o/saml2/initsso?idpid=C03e14v76&spid=857390449774&forceauthn=false

Testing GSuite SSO as employee:

  1. Go to your Organization URL. It should show you login page for viewing your handbooks

  2. Click on "Login with Google SSO"

  3. It should take you to login using google SSO credentials (if you are not logged in)

  4. Once you log in, it should bring you back to AirMason and you should be able to view handbooks you've access to (similar to what is shown below).


Related Articles
How to connect Okta SSO
How to connect Idaptive SSO
How to connect OneLogin SSO
How to connect DUO SSO
How to connect JumpCloud
Did this answer your question?