Single Sign-On (SSO)

Google Workspace

Set up a custom SAML app in the Google Workspace Admin console, with your Validio deployment information:
- ACS URL: [Deployment instance URL]/login/saml2
- IdP Entity ID: [Deployment instance URL]/saml2
- Name ID format: [EMAIL]
- Leave other fields as default
Add a new identity provider in Validio:
- Entry point / SSO URL: https://accounts.google.com/o/saml2/idp?idpid=[Identity provider ID]
- Entity ID: [Deployment instance URL]/saml2
- Certificate: The certificate (string value) is found in the Google Workspace Admin console or in the IDP metadata.

Set up a custom SAML app in the JumpCloud admin console , with your Validio deployment information:
- IdP Entity ID: [Deployment instance URL]/saml2
- SP Entity ID: [Deployment instance URL]/saml2
- ACS URL: [Deployment instance URL]/login/saml2
- SAMLSubject NameId Format: select urn:oasis:names:tc:SAML:1:1:nameid-format:emailAddress
- Signature Algorithm: RSA-SHA256
- Check the 'Sign Assertion' checkbox
Add a new identity provider in Validio:
- Entry point / SSO URL: Same value as IDP URL for your application in JumpCloud
- Entity ID: [Deployment instance URL]/saml2
- Certificate: Download the certificate under JumpCloud> SSO Applications> your configured application > IDP Certificate valid > Download certificate (paste the entire content of the downloaded certificate.pem into this field)

Setup a Enterprise Application using SAML
- IdP Entity ID: [Deployment instance URL]/login/saml2
- ACS URL: [Deployment instance URL]/saml2
Add a new identity provider in Validio:
- Entry point / SSO URL: https://login.microsoftonline.com/[Identity provider ID]/saml2
- Entity ID: [Deployment instance URL]/saml2
- Certificate: Download the Base64 version on Entra> Single sign-on> SAML Certificates and paste the string to the Certificate field on Validio