Google Single Sign-On Integration with SAML

This document is for:
Invicti Platform

Google offers a Single Sign-On service as part of its Cloud Identity product. The service provides single-click access to applications. For additional information, refer to the Google support documentation.

This document explains how to configure Google and Invicti Platform for Single Sign-On.

Configure Google Single Sign-On Integration with SAML

  1. Select Apps > Web and mobile apps in Google Admin console.
  2. From the Web and mobile apps page, select Add app > Add custom SAML app.
  3. On the Add custom SAML app page, enter a name for your app. (For this document, we use Invicti.)
  4. Click Continue.
  5. Note the IdP information shown (SSO URL, Entity ID, and Certificate); you will need it in a later step.
  6. Click Continue.
  7. Open a new browser tab and select Settings > Security & Access Control > SSO from the Invicti menu.
  8. Turn on the Enable SSO toggle.
  9. Select Google from the SSO Provider drop-down list.

  1. Copy the SAML 2.0 Service URL from Invicti and paste it into the ACS URL field in the Service provider details section.
  2. Copy the Identifier from Invicti and paste it into the Entity ID field in the Service provider details section.

  1. Click Continue in the admin console to open Attribute mapping.
  2. Click Add Mapping and configure the Attribute Mapping as follows:
  • Assign to the First name field the value user.firstName.

  1. Click Finish in your Google Admin console.
  2. In your Google Invicti settings page, change the User access to ON for everyone.

  1. Click DOWNLOAD METADATA to access the IdP information.

  1. Copy the Entity ID, switch to the Invicti browser tab, and paste the URL into the IdP Identifier field.
  2. Switch to the Google browser tab, copy the URL from the SSO URL field, and paste it into the SAML 2.0 Endpoint field in Invicti.
  3. Switch to the Google browser tab, copy the content of the X.509 Certificate field, and paste it into the X.509 Certificate field in Invicti.

  1. Select the checkboxes for signed assertions, encrypted assertions, or sign requests as needed.
  2. If you enable any assertions or requests, a new section appears where you can Generate a new certificate or upload an existing one.
  3. Use the SSO Exemptions dropdown to select users who can log in to Invicti via password.
  4. Click Save to complete the integration.
  5. Open the Google Invicti settings page and click TEST SAML LOGIN to test the connection.
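
A check for the copy-and-paste steps above, as an added example that is not part of the Invicti or Google documentation: it reads the file obtained with DOWNLOAD METADATA and reports which of the IdP Identifier, SAML 2.0 Endpoint and X.509 Certificate values entered in Invicti differ from it. The function names, the sample metadata and the placeholder certificate bytes are constructed for illustration, and the `pasted` values are assumed to be copied by hand from the Invicti settings page.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder idpid and placeholder bytes instead of a real certificate.
FAKE_DER = b"constructed placeholder, not a real certificate"
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://accounts.google.com/o/saml2?idpid=EXAMPLE">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{base64.b64encode(FAKE_DER).decode()}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://accounts.google.com/o/saml2/idp?idpid=EXAMPLE"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def cert_fingerprint(pem_or_b64: str) -> str:
    """SHA-256 of the decoded certificate bytes, ignoring PEM armor and whitespace."""
    body = "".join(ln.strip() for ln in pem_or_b64.splitlines() if "-----" not in ln)
    return hashlib.sha256(base64.b64decode(body, validate=True)).hexdigest()

def idp_values(metadata_xml: str) -> dict:
    """Extract the three values that are copied into Invicti from the metadata file."""
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("unexpected DTD in SAML metadata")  # refuse entity tricks
    root = ET.fromstring(metadata_xml)
    sso = root.find("md:IDPSSODescriptor/md:SingleSignOnService", NS)
    cert = root.find("md:IDPSSODescriptor/md:KeyDescriptor//ds:X509Certificate", NS)
    entity, location = root.get("entityID"), None if sso is None else sso.get("Location")
    if not entity or not location or cert is None or not cert.text:
        raise ValueError("metadata is missing entityID, SSO URL or certificate")
    return {"IdP Identifier": entity, "SAML 2.0 Endpoint": location,
            "X.509 Certificate": cert_fingerprint(cert.text)}

def check_pasted(metadata_xml: str, pasted: dict) -> list:
    """Return the Invicti field names whose pasted value differs from the metadata."""
    want = idp_values(metadata_xml)
    got = dict(pasted)
    got["X.509 Certificate"] = cert_fingerprint(pasted["X.509 Certificate"])
    problems = [name for name in want if want[name] != got.get(name, "").strip()]
    if not want["SAML 2.0 Endpoint"].startswith("https://"):
        problems.append("SAML 2.0 Endpoint (not HTTPS)")
    return problems
```

An empty list means the three fields match the downloaded metadata; comparing the certificate by fingerprint avoids false mismatches caused by line wrapping or PEM header lines.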

To learn more about the Single Sign-On fields, refer to the Single Sign-On configuration document.