search

Google Workspace

Keeper Connection Manager SAML configuration with Google Workspace

hashtag
Google Workspace Configuration

The first step regardless of installation method is to configure your SAML 2.0 identity provider using Google Workspace.

(1) Login to Google Workspace

Visit the Apps > Web and Mobile Apps screen.

(2) Select "Add App" and select "Add Custom SAML App".

Enter an application name and description. You can also upload a Keeper Connection Manager logo. The image logo is here:

file-image
3KB
kcm-logo-144-transparent.png
image
arrow-up-right-from-squareOpen
KCM Logo

Click Continue.

(3) Download the metadata.xml file

...and then click Continue

Download Metadata

(4) Configure the SAML Settings

Update 3 fields: ACS URL, Entity ID and Name ID format.

  • The ACS URL needs to start with your Keeper Connection Manager domain followed by "/api/ext/saml/callback".

  • The Entity ID is just the Keeper Connection Manager domain.

  • The Name ID format must be EMAIL

Click Continue.

(5) Assign group membership (Optional)

You can now assign Group Membership to the Keeper Connection Manager application, which is optional. If you would like to assign a group, make sure that the "App Attribute" is groups (lowercase). Then click FINISH.

Group membership
circle-info

Google Group to Keeper Connection Manager Group mapping is through the Group Name. If the Keeper Connection Manager contains a Group that has the name corresponding to the Google Group Name, the user will receive all Keeper connections assigned to that user group.

(6) Enable Access

After creating the SAML app, it is not yet active for all users. To enable access, click on View details and turn the application ON.

Enable User Access
Turn KCM On

The Google Workspace side of the setup is complete. Note if you change anything, you need to re-download a new metadata.xml file.

PreviousOktaNextOneLogin

Last updated

Was this helpful?