G Suite Configuration

Configuring a SAML application in G Suite is relatively straightforward.

Please keep in mind that the following instructions are given as an example, and may differ from what is required in your particular situation.

Once you connect to your G Suite administration portal, from the Admin Console:

  1. Select Apps:

    Screen_Shot_2020-04-16_at_11.28.35_AM.png
  2. Select SAML apps:

    Screen_Shot_2020-04-16_at_11.28.51_AM.png
  3. To add an application, click on the '+' sign at the bottom right:
    Screen_Shot_2020-04-16_at_11.29.15_AM.png
  4. The application catalog does not contain a Shotgun choice. You will need to select SETUP MY OWN CUSTOM APP:

    Screen_Shot_2020-04-16_at_11.30.30_AM.png
  5. In this step, please download the certificate, and copy and paste the SSO URL and Entity ID information. You will need those to configure Shotgun. Then click Next:

    Screen_Shot_2020-04-16_at_11.30.56_AM.png
  6. You will need to pick a name for your application. Optionally you can add an icon and a description:

    Screen_Shot_2020-04-16_at_11.37.14_AM.png
  7. In this step you will need to enter the following information:
        ACS URL: https://YOUR SITE URL/saml/saml_login_response
        Entity ID: https://YOUR SITE URL/saml/metadata

    Screen_Shot_2020-04-16_at_11.39.16_AM.png 
  8. To properly configure your application to connect with Shotgun, you will need to select ADD NEW MAPPING:

    Screen_Shot_2020-04-16_at_11.40.46_AM.png
  9. Enter the SAML Attributes:
        login_id
        firstname
        lastname
        email
     
    The values you decide to use will be dependent on your organization.

    Screen_Shot_2020-04-16_at_11.42.00_AM.png 
  10. When clicking FINISH you will get a confirmation that the configuration is now complete:

    Screen_Shot_2020-04-16_at_11.42.30_AM.png
  11. But there is still one thing to do: give access to the new application to your existing users or groups. By default, a new application is OFF for everyone. Click on EDIT SERVICE to configure the access:

    Screen_Shot_2020-04-16_at_11.43.20_AM.png
  12. The last step is to provide the SSO configuration to your Shotgun Administrators. The SSO URL and Entity ID were given in step 5 (step 2 in the Admin GUI). The Shotgun config will use:
        SAML 2.0 Endpoint (HTTPS): SSO URL
        Identity Provider Issuer: Entity ID
        Public Certificate: The content of the downloaded .pem certificate file
     

 

 

 

 

Follow