| description |
|---|
Google SSO for Forest Admin |
{% hint style="info" %} You must have one project in your organization with the plan Forest Admin Pro plan to access this feature. {% endhint %}
- Log in to your Google account and navigate to the Admin console.
- In the Google Admin console, go to Menu: Apps → Web and mobile apps.
- Click Add App → Add custom SAML app and follow the wizard.
- In the Service Provider Details window, enter:
- ACS URL: Assertion Consumer Service URL is responsible for receiving the SAML response (It should be https://api.forestadmin.com/api/saml/callback).
- Entity ID: This is a globally unique name that Forest Admin gives you.
- Start URL: (Optional) This is used to set the RelayState parameter in a SAML Request, which can be a URL to redirect to after authentication (you can find more info on IDP-initiated login here).
{% hint style="info" %} You can find the Google documentation on custom SAML application here. {% endhint %}
Check the steps below this if you encounter an issue:
- Double check all information (endpoints, certificate expiration dates, etc..)
- Make sure the
Name ID(the primary email) configured on your Identity Provider is the email address used on Forest Admin accounts too