Google Single Sign-On (SSO) lets users access multiple applications and services with their Google account—no need to manage separate passwords. With Jotform Enterprise, you can integrate Google SSO to streamline user access and enhance security across your organization’s server.
Note
Users can log in with either SSO or their email and password. You can also choose to require SSO for guest users.
Setting up the Google Workspace Custom SAML App
Before setting up Google SSO in your Jotform Enterprise account, you’ll need to create a custom SAML app in your Google Workspace dashboard. To get going, here’s what you’ll do:
- Log in to your Google Workspace Admin Console, then in the menu on the left, click on Apps.
- Now, in the menu that comes up, click on Web and Mobile Apps.
- In the Web and Mobile Apps section on the right, click on Add App.
- Then, in the Dropdown menu that opens, click on Add Custom SAML App.
- On the Add Custom SAML App screen, under the App Details section, set up these things:
- App Name — Choose a name that’s easy to recognize and helps identify your app at a glance.
- Description — Provide a short description to explain what your custom SAML app’s for.
- App Icon — Upload an icon to help visually identify your custom app.
- Then, click on Continue in the bottom-right corner of the screen.
- On the Google Identity Provider Details screen, copy your Custom SAML App’s SSO URL, Entity ID, and Certificate.
- Then, click on Continue in the bottom-right corner of the page.
- On the Service Provider Details screen, fill in these details.
- ACS URL — Enter your full Assertion Consumer Service URL. For example: https://example.jotform.com/sso/?acs
- Entity ID — Provide your Jotform Enterprise Entity ID. For example: https://example.jotform.com/sso/metadata.php
Notes
- The default Name ID is the user’s primary email address. Multiple values aren’t supported.
- Take a look at our guide on How to Obtain Service Provider Metadata from Jotform Enterprise to learn more about Jotform’s Service Provider Details.
- Next, click on Continue in the bottom-right corner of the page.
- Now, on the Attribute Mapping screen, click on Finish.
Note
Under the Attributes section, click on Add Mapping to map the attributes. Check out our guide on How to Configure SAML Attributes for Google SSO Prefill to learn more.
- Then, on the newly created Custom SAML App, under the User Access section, click on OFF for Everyone.
- Finally, in the Service Status section, select ON for Everyone, click on Save, and you’re all set.
Enabling and Configuring Google SSO in Your Jotform Enterprise Account
Now that you’ve got your Custom SAML App details ready, log in to your Jotform Enterprise account to set up the SSO connection. Here’s how to get going:
- On your My Workspace page, click on your Avatar/Profile picture in the top-right corner of the screen.
- Then, in the Dropdown menu that comes up, click on Admin Console to open your Admin Dashboard page.
- Click on the Settings in the menu on the left to open your Settings Dashboard.
- Scroll down to the SSO Settings section and toggle on Single Sign-On.
- Then, in the Provider Name field, enter the name you want users to see on the login page.
- Now, in the Identity Provider Metadata section, fill in these details:
- Entity ID — Enter your Google SAML Entity ID.
- SSO URL — Enter your Google SAML SSO URL.
- Certificate — Paste your Google SAML Certificate.
- SLO URL — Leave this blank*.
Note
*Google SSO doesn’t support Single Logout (SLO), so just leave the SLO URL field blank. If you need a custom logout URL for your Jotform Enterprise server, reach out to Enterprise Support. Our guide on How to Contact a Customer Success Manager has more details about how to do that.
- Finally, click on Test Connection to make sure everything’s working correctly. If it’s successful, click on Save to apply your SSO settings—and you’re good to go.
Once you’ve turned on SSO, you’ll see these extra options under the SSO settings:
- Allow Email Login for Licensed Users — This lets licensed users log in with their email and password too, not just through SSO.
- Require Single Sign-On for Guest Accounts — This makes sure guest users can only sign in through SSO, adding a bit more security.
- SSO SCIM Provisioning Settings — This helps you automatically manage users by syncing with your identity provider, so you don’t have to update things manually.
Send Comment: