Skip to main content

Whether you’re looking for quick answers or in-depth guidance, our resources are here to assist you effectively.

Set Up Single Sign-On (SSO) with Google Workspace for SiftHub

Streamline access to SiftHub with Google Workspace! This guide helps you set up Single Sign-On (SSO) using SAML, so your team can log in with their Google Workspace credentials. 

What You’ll Learn

  • Why SSO? Your team logs in to SiftHub using their Google Workspace credentials—no extra passwords needed.
  • Protocol SAML is widely used for enterprise web apps.
    Google Workspace Admin Console only supports:
    • Pre-built apps from gallery
    • Custom SAML applications
    • Basic OAuth consent screen controls (Internal vs External)

Before You Start

Here’s what you’ll need:

  • Google Workspace Admin Access: You must be an admin in your Google Workspace account (with Security settings privileges).
  • SiftHub Permissions: Log in to SiftHub as an Account Owner or Security Admin. (Check Settings > Security > Authentication. If needed, your Account Owner can add your Google Workspace admin as a Security Admin in SiftHub temporarily.)
  • SiftHub Login: Your current SiftHub email and password (these won’t be needed after SSO is set up).

Let’s get started!

SAML connects SiftHub to Google Workspace for secure, browser-based logins. Follow these steps:

Step 1: Configure SAML in Google Workspace

  1. Log In to Google Admin Console
     Go to admin.google.com and sign in as an admin.
  2. Add SiftHub as a Custom SAML App
    • Navigate to Apps > Web and Mobile Apps.
    • Click Add App > Add custom SAML app.
    • Name it “SiftHub SSO” and (optionally) upload an icon. Click Continue.
  3. Download Google Metadata
    • On the Google Identity Provider Details page, click Download Metadata to save the XML file.
    • Alternatively, copy the SSO URL, Entity ID, and download the Certificate. You’ll need these later.
    • Click Continue.
  4. Enter SiftHub Details
    • Log in to SiftHub as an Account Owner or Security Admin.
    • Go to Settings > Security > Authentication, then click Set up SSO.
    • Copy the Service Provider Details (e.g., ACS URL and Entity ID).
    • Back in Google, under Service Provider Details:
      • Paste the ACS URL into ACS URL.
      • Paste the Entity ID into Entity ID.
      • Leave Start URL blank (SiftHub supports IdP-initiated SSO).
    • Click Continue.
  5. Map Attributes
    • On the Attribute Mapping page, add:
      • Google Directory Attribute: Primary Email → App Attribute: email
      • Google Directory Attribute: First Name → App Attribute: firstName
      • Google Directory Attribute: Last Name → App Attribute: lastName
    • Click Finish.
  6. Enable the App
    • In Web and Mobile Apps, select your “SiftHub SSO” app.
    • Click User Access, choose ON for everyone (or select specific groups/org units), and click Save. (Changes may take up to 24 hours to propagate.)

Step 2: Finish SAML SSO in SiftHub

  1. Upload Metadata to SiftHub
    • In SiftHub’s Settings > Security > Set up SSO, under Identity Provider Configuration:
      • Select Configure using Metadata URL.
      • Upload the XML file from Google or paste the SSO URL as the App Federation Metadata URL.
    • Click Update.
  2. Test the Connection
    • Log out of SiftHub and try logging in with your Google Workspace credentials to confirm it works.
  1.  

All Done!

Your team can now log in to SiftHub with Google Workspace credentials.

Need help? Contact SiftHub support!