Configuring the remote SAML server
To configure the remote SAML server:
- Go to Remote Auth. Servers > SAML, and click Create New.
The server name must match the one created in Google Workspace. For example, if the name in Google Workspace is set as GSIdP, the SAML server should also use GSIdP (case sensitive).
- Import the IdP metadata obtained from the SAML app on Google Workspace.
- In Username, select Subject NameID SAML assertion.
- In Group Membership, select Cloud and choose the previously created Google Workspace OAuth server. See Configuring OAuth settings.
- At the top of the page, select Proxy as the Type, and copy the Portal URL to be used later when customizing the replacement message.
- Click OK to save your changes.