Google Apps SSO: SAML Application Setup

Last Updated -

Overview

Google Apps for Work is a platform for connecting applications. It is an identity provider that provides login credentials for Desk.com using SAML-based single sign-on. This allows Agents to login to Desk directly from Google Apps with having to use or remember separate credentials. 
 

Prerequisites

  1. Business Plan
  2. Google Apps as a SSO identity provider
 

Google Setup

1.   Login to your Google Apps account and navigate to https://admin.google.com/AdminHome​. The page should look like the one below. Select Apps to navigate to the applications section. 



2.   Select SAML apps.



3.   Click the plus button at the bottom right. 



4.   In the popup, click Setup My Own Custom App



5.   On the next page, we will be transferring some information into Desk. In another tab, open the Desk.com Admin and navigate to Settings > Single Sign-On. Back in Google Apps, copy the SSO Url and paste it into the Remote Login URL field in Desk.






6.   Without updating Desk, head back to Google Apps and download the certificate. Save it to your computer and we'll come back to it later. Proceed to the next page using the Next button at the bottom right.



7.   Name the application "Desk" and the Description can be anything you like. Add a logo if you wish. Click Next at the bottom right.




8. On this page, enter the following:
  • ACS URL - Out of the box, your SAML ACS endpoint will be https://yoursite.desk.com/auth/saml/acs. Similarly, if you have a custom CNAME set up, the endpoint would be https://YOURCNAME/auth/saml/acs.
  • Entity ID - If your site is “mysite.desk.com” then your Service Provider Entity ID value would simply be “mysite”. The unique site name is the correct value to use even if your site has its own CNAME.
  • Start Url - This field can be left blank.
  • Signed Response - Check the box.
  • Name ID - Basic Information > Primary Email
  • Name ID Format - EMAIL
Click Next to proceed.




9. On the Attribute Mapping page, select Finish at the bottom right to complete the setup. 



10. Activate the app by clicking the three dots to the right, then select the option to turn the app On



 

Desk Setup

1. Find the certificate file on your computer from Step 6 and open it in a text editor (such as Textedit or Notepad). Copy the contents of the file and paste it into an online converter such as this one. Make sure to generate the fingerprint using the SHA-1 algorithm. Copy the fingerprint and paste it into the corresponding field in Desk.



Hit Save at the bottom right. 
 

Other Notes

If you had previously enabled Google Apps under Admin > Settings > Integrations > Google Apps you will want to disable this now.