Introduction

This guide will detail the various steps required to integrate Google Workspace as a SAML provider for your env0 organization. The current implementation is used for authentication only, where you define your users in your Google Workspace account to enable them access to your env0 organization. You can also add env0 as an application in your user application dashboard.

Steps

1. Login to your Google Workspace admin dashboard - https://admin.google.com
2. Go to Apps > SAML Apps
3. Click on the + button at the bottom right of the screen to add a new application
4. Click on SETUP MY OWN CUSTOM APP

5. Copy the SSO URL, Entity ID and download the certificate. You will need to send those over to env0 so we can set up the SAML on our side. Then click on the next button.
6. Give the application a name and a description, and upload the env0 logo. Then click on the next button.
7. In the ACS URL enter the following: https://login.app.env0.com/login/callback?connection={YOUR_ENV0_ORG_ID}
8. In the Entity ID enter urn:auth0:env0:{YOUR_ENV0_ORG_ID}
9. Check the Signed Response checkbox.
10. In the Name ID, choose Basic Information and Primary Email
11. In the Name ID format choose Unspecified
12. Click on the next button.
13. In the Attribute Mapping add the following:

14. Click on the Finish button and you should get this message:
15. In the User Access set the user you would like to have access to env0.
16. Upload the SSO URL, Entity ID, and the Certificate you have downloaded to https://www.env0.com/env0-setup-saml-single-sign-on.