Setting Up G Suite (Google Apps for Work) Authentication

Using Mitratech HQ? Go here for further instructions!

Trakstar can be easily set up to work with G Suite (Google Apps for Work) as a custom SAML application - follow the steps below!

Add and configure Trakstar as an app in G Suite

As a G-Suite Administrator, navigate to Apps

Click “SAML apps”.

Click the blue (+) plus icon in the bottom right corner.

Click “SETUP MY OWN CUSTOM APP

Copy down the SSO URL. Download the Certificate. Click Next.

Under Application Name, enter “Trakstar”. Upload the Trakstar logo (Here’s a 256 x 256 version of our logo you can use). Click Next.

Back in Perform, visit Settings > Authentication & SSO.

Under “SAML 2.0”, click the Configure button. Copy down the ACS (Consumer) URL and Issuer.

Back in G Suite, paste the ACS (Consumer) URL from Trakstar into ACS URL.

Paste the Issuer into Entity ID.

Leave Start URL blank.

Check Signed Response.

  • (Optional) Configure what G Suite should send Trakstar as the NameID. This must match usernames within Trakstar.

Click Next.

On the Attribute Mapping screen, simply click Finish. Trakstar requires no special attributes to be passed.

Dismiss the notification, clicking OK.

Enable the application to allow testing. 

When viewing the app, click the three dots in the upper right corner, and their select “ON for everyone” or “ON for some organizations”. Make sure you enable for yourself, or a user that you can test signing in with.

The Trakstar application will show up in the app drawer dropdown on Google applications, like Gmail.

Back in Trakstar, visit Settings > Authentication & SSO if you’re not already there.

  • Paste the SSO URL you copied from G Suite into the IdP SSO Target URL.
  • Open the Certificate you downloaded from G Suite in a text editor. Paste the contents into the IdP Certificate.
  • Click Save.

Test and enable

Follow the instructions here to test and enable the integration, and for tips on troubleshooting.

Note: The NameID that G Suite sends must match the usernames within Trakstar. Trakstar supports email addresses as usernames, but can also support other formats. If necessary, change what G Suite sends as the NameID by clicking on Service Provider Details while viewing the Trakstar SAML App.

For more information on setting up and configuring custom SAML applications with G Suite, see https://support.google.com/a/answer/6087519.

Still need help? Contact Us Contact Us