G Suite Configuration

Warning:

This SSO documentation is intended for local installations only, and is considered legacy functionality. Local installations of Flow Production Tracking are no longer offered. This documentation is only for customers with existing instances of Flow Production Tracking Enterprise Docker. Click here for a list of our current offerings.

Configuring a SAML application in G Suite is relatively straightforward.

Note:

Please keep in mind that the following instructions are given as an example, and may differ from what is required in your particular situation.

Once you connect to your G Suite administration portal, from the Admin Console:

  1. Select Apps:

    Screen_Shot_2020-04-16_at_11.28.35_AM.png

  2. Select SAML apps:

    Screen_Shot_2020-04-16_at_11.28.51_AM.png

  3. To add an application, click on the '+' sign at the bottom right:

    Screen_Shot_2020-04-16_at_11.29.15_AM.png

  4. The application catalog does not contain a Flow Production Tracking choice. You will need to select SETUP MY OWN CUSTOM APP:

    Screen_Shot_2020-04-16_at_11.30.30_AM.png

  5. In this step, please download the certificate, and copy and paste the SSO URL and Entity ID information. You will need those to configure Flow Production Tracking. Then click Next:

    Screen_Shot_2020-04-16_at_11.30.56_AM.png

  6. You will need to pick a name for your application. Optionally you can add an icon and a description:

    Screen_Shot_2020-04-16_at_11.37.14_AM.png

  7. In this step you will need to enter the following information:

    ACS URL: https:// YOUR SITE URL /saml/saml_login_response

    Entity ID: https:// YOUR SITE URL /saml/metadata

    Screen_Shot_2020-04-16_at_11.39.16_AM.png

  8. To properly configure your application to connect with Flow Production Tracking, you will need to select ADD NEW MAPPING:

    Screen_Shot_2020-04-16_at_11.40.46_AM.png

  9. Enter the SAML Attributes:

    login_id

    firstname

    lastname

    email

    The values you decide to use will be dependent on your organization.

    Screen_Shot_2020-04-16_at_11.42.00_AM.png

  10. When clicking FINISH you will get a confirmation that the configuration is now complete:

    Screen_Shot_2020-04-16_at_11.42.30_AM.png

  11. But there is still one thing to do: give access to the new application to your existing users or groups. By default, a new application is OFF for everyone. Click on EDIT SERVICE to configure the access:

    Screen_Shot_2020-04-16_at_11.43.20_AM.png

  12. The last step is to provide the SSO configuration to your Flow Production Tracking Administrators. The SSO URL and Entity ID were given in step 5 (step 2 in the Admin GUI). The Flow Production Tracking config will use:

    SAML 2.0 Endpoint (HTTPS): SSO URL

    Identity Provider Issuer: Entity ID

    Public Certificate: The content of the downloaded .pem certificate file