Skip to main content
Feedback

Single sign-on using Google workspace

info
  • SSO is available only in the Pro Plus plan.
  • To manage users through SSO, contact support and request for user management restricted to SSO.

Data Integration supports Single Sign-On (SSO) integration, letting you securely access accounts using your Google Workspace configuration.

To start this process, reach out to your CSM.

Configuring google workplace

Procedure

  1. Log in to your Google Admin account and navigate to the Apps -> Web and mobile apps.
  2. Select Add App.
  3. Click Add custom SAML app.
  4. Enter "Data Integration" as the application name and click Continue to switch to the "Google Identity Provider details" page.

Getting sign on URL, Issuer (entity ID), and public certificate

Procedure

  1. Make a note of the SSO URL. This URL is the Sign on URL in Data Integration.
  2. Make a note of the Entity ID. This ID is the Issuer in Data Integration.
  3. Note the Certificate: Open the copied certificate file in any text editor. The certificate is a string inside the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- statements.
  4. Click Continue to switch to the "Service provider details" page.
  5. Contact your Data Integration CSM and provide the SSO URL, Entity ID, and the certificate to your workspace.
  6. The CSM responds to the ACS URL.

Configuring the custom SAML application for Data Integration

Procedure

  1. Enter the ACS URL provided by your Customer support.
  2. Enter Data Integration as the Entity ID.
  3. Set the Start URL in the following way (by the applicable region):
For US console: https://console.rivery.io/
For EU console: https://eu-west-1.console.rivery.io/
For IL console: https://il-central-1.console.rivery.io/
For AU console: https://ap-southeast-2.rivery.io/

Leave and the Signed response checkbox checked.

  1. Set the Name ID format to UNSPECIFIED.
  2. Set the Name ID to Basic Information > Primary email.
  3. Click Continue to switch to the Attribute mapping page.
  4. In the Attribute mapping page, click ADD MAPPING.
  5. Select the Basic Information/Primary email in the Google Directory attributes for the third row → Enter email in the App attributes for the third row.
  6. Select the Basic Information/First name in the Google Directory attributes for the first row → Enter firstname in the App attributes for the first row.
  7. Select the Basic Information/Last name in the Google Directory attributes for the second row → Enter lastname in the App attributes for the second row.
  8. Select the Basic Information/Primary email in the Google Directory attributes for the third row → Enter NameID in the App attributes for the third row.
  1. Click Finish.

Testing your SSO

Procedure

  1. Log in to the Google account.
  2. Select the Data Integration button from the App selector.
    You are directed to your Data Integration account.
note

After setting up SSO, the default landing URL for your Data Integration console is https://console.rivery.io/home/[account_id]/default_env, indicating that all users have access permissions to the default environment.

On this Page