Add Tribeloo App to Google Admin Portal
1. Log in to your Google Admin portal and go to “Apps” – “SAML apps”
2. Select “Add App” – “Add custom SAML app”
3. Enter “Tribeloo SSO” for app name and click continue
Set up SSO
4. Copy the values of the “SSO URL” and “Entity ID” which will be used on the SSO configuration page in Tribeloo. We also need to download the Certificate
5. Now open the Tribeloo app, and navigate to the menu (1), Admin (2) and then select User Management (3) and then the SSO (4) tab.
6. We can now fill the Google data into the Tribeloo SSO configuration form
The value of the Google “Entity ID” should be filled in the “Issuer URL” field on the Tribeloo form
The value of the Google “SSO URL” should be filled in the Tribeloo field named “SSO login URL”
!! Note that these two values are in a different order on the Google form and the Tribeloo form
The content of the downloaded certificate should be put in the field named Certificate on the Tribeloo form
Don't forget to Save
7. Back to Google, after clicking continue, enter the following 2 fields
For "ACS URL" enter "https://app.tribeloo.com/web/sso/acs"
For "Entity ID" enter "https://app.tribeloo.com/web/sso/metadata"
Enable Signed response
Set Name ID format to "EMAIL"
Select "Continue"
8. Additional user claims can be added to the SSO setup in Google to improve Just in Time user provisioning with Tribeloo:
“Tribeloo.firstname” and “Tribeloo.lastname” will be used as Tribeloo Username for the new user
If this mapping is not available, user email is used as Tribeloo Username
“Tribeloo.site” will allow the user to be provisioned directly to a “Home site” in Tribeloo if the value received corresponds to the name of a Tribeloo site
If this mapping is not available or doesn’t match to a Tribeloo site, user will be created without “Home site” (Site= None)
Contact support if you want to provision home site but Tribeloo and Google site names do not match
9. Next step is to setup User access to everyone, Groups or Organizational Units. Click "Save".
10. Select “TEST SAML LOGIN”. It might take up to 24 hours for the app to work in Google.
11. When tested successfully, “Enable SSO” in the Tribeloo app
If you have questions or difficulties with your Tribeloo/Google SSO integration, please contact Tribeloo support via support@tribeloo.com