CONFIGURING ZOHO SINGLE SIGN-ON WITH GOOGLE IDP
Using Security Assertion Markup Language (SAML), a user can use their G Suite credentials to sign in to Zoho Applications via Single Sign-On (SSO).
Set up your own custom SAML app with Google as IDP:
To establish SSO using SAML for your Zoho applications:
- Sign in using an administrator account to your Google Admin console.
- From the Admin console dashboard, click on Apps.
- To see Apps on the dashboard, you might have to click More controls at the bottom.
- In the options shown click on the SAML Apps button.
- Click on the plus (+) icon in the bottom corner of the screen.
- Click Setup my own custom SAML App in the bottom of the pop-up window which opens.
- The Google IDP Information window opens and the Single Sign-On URL and the Entity ID URL fields automatically populate.
- You can copy the Entity ID and the Single Sign-On URL field values and download the X.509 Certificate.
- Now, Log into https://accounts.zoho.com/ with an OrgAdmin Account and paste them into the appropriate Setup fields, and then click Next. To know more about Configuring SAML with Zoho Accounts, you can click on this link.
- In the Basic Application Information window, add an Application name and description.
- (Optional) Click Choose file next to the Upload Logo field to upload a PNG or GIF file to serve as an icon. The file size should be 256 pixels square.
- In the Service Provider Details window, add an ACS URL, an Entity ID, and a start URL.
-> The ACS URL is provided on the Zoho Accounts page.
-> The Entity ID will be a constant - zoho.com.
-> The Start URL information should be in the following format.
Syntax - ZohoService URL__IAM__ZohoServiceName.
Note: Or you can leave the Start URL field empty. Instead, you can configure the Service Name in Zoho Accounts.
- Click Next. The “Add New Mapping” window is optional and can be configured if you need any custom attributes in SAML Response.
- Click Finish.
SAML configuration is completed at both ends. Your organization users can log into Zoho by authenticating via Google.