What is SAML?

SAML (Security Assertion Markup Language) is a standard for securely exchanging authentication and authorization data between different online systems. It enables Single Sign-On (SSO), allowing users to log in once and gain access to multiple applications without needing to re-enter credentials. Think of SAML as a digital passport that verifies a user’s identity and grants them seamless access to various services.

This article will explain how to configure Google Workspace for SAML-based authentication.

How to configure Google Workspace SSO for Cartwheel

Here's how to set it up:

Contact the Cartwheel Support team at support@trycartwheel.com, and we will provide you with the ACS, Start URL, and Entity ID that you would require in order to complete the creation of SSO connection.
Configure your Google Workspace account for single sign-on (SSO) and provide us at the Cartwheel Support team with your IDP Metadata.
The Cartwheel team will complete the setup of your single sign-on.

Important: This process assumes you already have a Google Workspace account. If you don't, you'll need to create one before you can use SAML authentication with Cartwheel.

Configure Google Workspace for single sign-on (SSO)

Navigate to the Google Admin Portal.
Select Apps.
Click on Web and mobile apps. Select Add custom SAML app from the drop-down Add App menu.
Enter Cartwheel and upload an App icon (optional). Then click Continue.
In the Google IdP Information screen, click Next.
In the Service Provider Details screen, enter the information provided to you by the Cartwheel Support team, for example:
- ACS URL: https://demo.cartwheel.tech/app/saml/SSO/alias/google-acme
- Entity ID: Cartwheel
- Start URL: https://demo.cartwheel.tech/app/saml/login/alias/google-acme
- Name ID Format: Email
- Then click Next.

samlgw5

In the Attribute Mapping screen, click Add New Mapping.
Add new mappings and set:
Primary Email = EmailAddress
First name = FirstName
Last name = LastName
Make sure that the Service Status Button is on.