Creative Force

This article goes over how to set up SAML SSO on Google Workspace

Step 1. Create new App &amp; Integrate to Creative Force

Login to <a href="https://admin.google.com/" rel="nofollow noopener noreferrer" target="_blank">https://admin.google.com/</a>.

Expand “Apps” then select “Web and mobile apps”.

Select Add App → Add custom SAML app.

Input your app name then “Continue”.

Click DOWNLOAD METADATA to save the file to set up on Gamma then click Continue.

Input values for ASC URL, Entity ID &amp; RelayState then Continue.

- ASC URL: See “SP Assertion Consumer Service Url” in the <a href="https://help.creativeforce.io/en/articles/5825871-how-to-set-up-single-sign-on-within-creative-force">How to set up Single Sign-On within Creative Force</a> article
- Entity ID: See “SP Entity ID” in the <a href="https://help.creativeforce.io/en/articles/5825871-how-to-set-up-single-sign-on-within-creative-force">How to set up Single Sign-On within Creative Force</a> article
- Start URL: To configure the StartURL, use the following format

&lt;SP Assertion Consumer Service Url&gt;?relaystate=&lt;URL encoded RelayState value&gt;

- Login to <a href="https://admin.google.com/" rel="nofollow noopener noreferrer" target="_blank">https://admin.google.com/</a>.
- Expand “Apps” then select “Web and mobile apps”.
- Select Add App → Add custom SAML app.
- Input your app name then “Continue”.
- Click DOWNLOAD METADATA to save the file to set up on Gamma then click Continue.
- Input values for ASC URL, Entity ID &amp; RelayState then Continue.
 - ASC URL: See “SP Assertion Consumer Service Url” in the <a href="https://help.creativeforce.io/en/articles/5825871-how-to-set-up-single-sign-on-within-creative-force">How to set up Single Sign-On within Creative Force</a> article
 - Entity ID: See “SP Entity ID” in the <a href="https://help.creativeforce.io/en/articles/5825871-how-to-set-up-single-sign-on-within-creative-force">How to set up Single Sign-On within Creative Force</a> article
 - Start URL: To configure the StartURL, use the following format
 &lt;SP Assertion Consumer Service Url&gt;?relaystate=&lt;URL encoded RelayState value&gt;

<a href="https://sso.creativeforce.io/saml2/idpresponse?relaystate=response_type%3Dtoken%26identity_provider%3Dbcf532d43b07%26client_id%3D504hah0l8qjf5lp6%26redirect_uri%3Dhttps%253a%252f%252faccounts.creativeforce.io%252f-sp-initiated%26scope%3Demail" rel="nofollow noopener noreferrer" target="_blank">https://sso.creativeforce.io/saml2/idpresponse?relaystate=response_type%3Dtoken%26identity_provider%3Dbcf532d43b07%26client_id%3D504hah0l8qjf5lp6%26redirect_uri%3Dhttps%253a%252f%252faccounts.creativeforce.io%252f-sp-initiated%26scope%3Demail</a>

<a href="https://sso.creativeforce.io/saml2/idpresponse" rel="nofollow noopener noreferrer" target="_blank">https://sso.creativeforce.io/saml2/idpresponse</a> is the ACS URL

The RelayState value is URL encoded and appended after ‘relaystate=’

The example RelayState value is ‘response_type%3Dtoken%26identity…’

- <a href="https://sso.creativeforce.io/saml2/idpresponse" rel="nofollow noopener noreferrer" target="_blank">https://sso.creativeforce.io/saml2/idpresponse</a> is the ACS URL
- The RelayState value is URL encoded and appended after ‘relaystate=’
- The example RelayState value is ‘response_type%3Dtoken%26identity…’

Add mapping attributes then Finish.

- Add mapping attributes then Finish.

Navigate to Directory → Users to manager users

Navigate to Directory → Groups to manager groups

- Navigate to Directory → Users to manager users
- Navigate to Directory → Groups to manager groups

Primary email	http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
First name	http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
Last name	http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname

This article goes over how to set up SAML SSO on Google Workspace

Step 1. Create new App & Integrate to Creative Force

Step 2. Assign user to integration App