Tag Archives: SAML

Twelve third-party applications added to the G Suite pre-integrated SAML apps catalog

With Single Sign-On (SSO), users can access all of their enterprise cloud applications—including the Admin console for admins—after signing in just once. Google supports the two most popular enterprise SSO standards, OpenID Connect and SAML, and there are many applications with pre-integrated SSO support in our third-party apps catalog already.

Building on other recent launches (February 27th, March 12th, March 29th), we’re adding SAML integration for 12 additional applications:
  • Black Duck 
  • Brightcove
  • Chartio
  • Duo
  • Hootsuite
  • Jenkins
  • Jostle
  • Mango Apps 
  • SumTotal 
  • TextMagic 
  • Veracode 
  • Zinc 



Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications,” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is that the installation is much easier. You can learn more about installing Custom SAML Applications in this Help Center article.

Launch Details 
Release track:
Launching to both Rapid Release and Scheduled Release

Editions: 
Available to all G Suite editions 

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

Impact: 
Admins only

Action: 
Admin action suggested/FYI

More Information
Help Center: Using SAML to set up federated SSO 


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Coming May 7th, 2018: A more secure sign-in flow on Chrome

If your organization uses SAML to sign users in to G Suite services*, those users will soon see an additional step in the process when using Chrome as their web browser. Starting on May 7th, 2018, after signing in on a SAML provider’s website, they’ll be brought to a new screen on accounts.google.com to confirm their identity. This screen will provide an additional layer of security and help prevent users from unknowingly signing in to an account created and controlled by an attacker.


To minimize disruption for the user, this feature will only be shown once per account per device. We’re working on ways to make the feature even more context-aware in the future, meaning your users should see the screen less and less over time.

Protecting against phishing attacks
This new screen is intended to prevent would-be attackers from tricking a user (e.g. via a phishing campaign) into clicking a link that would instantly and silently sign them in to a Google Account the attacker controls. Today, this can be done via SAML single sign-on (SSO), because it doesn’t require a user interaction to complete a sign-in. To protect Chrome users, we’ve added this extra protection.

Creating a consistent identity
This new security feature is part of a larger project to create a consistent identity across Google web services (like Gmail) and native Chrome browser services (like Chrome Sync). This consistency will make it easier for signed-in G Suite users to take advantage of native Chrome browser features, but it requires additional protection during authentication. This new screen adds that protection and reduces the probability that attackers successfully abuse SAML SSO to sign users in to malicious accounts.

Disabling the new screen
If you wish to disable the new screen for your organization, you can use the X-GoogApps-AllowedDomains HTTP header to identify specific domains whose users can access Google services. Users in those domains won’t see this additional screen, as we assume those accounts are trusted by your users. This header can be set in Chrome via the AllowedDomainsForApps group policy.


*This won't impact individuals who sign in to G Suite services directly and those who use G Suite or Cloud Identity as their identity provider. The screen is also not shown on devices running Chrome OS.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release on May 7th, 2018

Editions:
Available to all G Suite editions

Rollout pace:
Extended rollout (potentially longer than 15 days for feature visibility)

Impact:
All end users

Action:
Change management suggested/FYI


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Twenty three third-party applications added to the G Suite pre-integrated SAML apps catalog

With Single Sign-On (SSO), users can access all of their enterprise cloud applications—including the Admin console for admins—after signing in just once. Google supports the two most popular enterprise SSO standards, OpenID Connect and SAML, and there are many applications with pre-integrated SSO support in our third-party apps catalog already.

Building on other recent launches (February 27th, March 12th), we’re adding SAML integration for 23 additional applications:


  • Adaptive Insights 
  • Buildkite 
  • Citrix ShareFile 
  • CrashPlan 
  • Fuze 
  • HappyFox 
  • Huddle 
  • Image Relay 
  • itsLearning 
  • Jobvite 
  • Klipfolio 
  • Mimecast 
  • Mozy 
  • Enterprise 
  • Periscope Data 
  • Pipedrive 
  • Pritunl 
  • Qubole 
  • Runscope 
  • Saba 
  • Solium Shareworks 
  • Spotinst 
  • VictorOps 
  • Zuora 

You can find our full list of pre-integrated applications, as well as instructions for installing them, in the Help Center.

Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications,” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is that the installation is much easier. You can learn more about installing Custom SAML Applications in this Help Center article.

Launch Details 
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite editions

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information 
Help Center: Using SAML to set up federated SSO

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Twenty-five third-party applications added to the G Suite pre-integrated SAML apps catalog

With Single-Sign-On (SSO), users can access all of their enterprise cloud applications—including the Admin console for admins—after signing in just once. Google supports the two most popular enterprise SSO standards, OpenID Connect and SAML, and there are many applications with pre-integrated SSO support in our third-party apps catalog already. We’re now adding SAML integration for 25 additional applications:
  • Adobe Sign (formerly EchoSign)
  • AppDynamics
  • Apteligent
  • Artifactory Cloud
  • Autotask Workplace
  • Betterworks
  • Bugcrowd
  • Cisco Umbrella (formerly OpenDNS)
  • CloudHealth
  • Digicert
  • Egencia
  • Engagedly
  • Envoy
  • Freshservice
  • inContact
  • Kapost
  • LearnCore
  • Lifesize
  • Namely
  • PeopleHR
  • Reflektive
  • RightScale
  • Robin
  • Skyhigh
  • Uservoice
You can find our full list of pre-integrated applications, as well as instructions for installing them, in the Help Center.

Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications,” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is that the installation is much easier. You can learn more about installing Custom SAML Applications in this Help Center article.

Launch Details
Release track
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite editions

Rollout pace:
Gradual rollout (up to 15 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Using SAML to set up federated SSO


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Twelve third-party applications added to the G Suite pre-integrated SAML apps catalog

With Single-Sign-On (SSO), users can access all of their enterprise cloud applications—including the Admin console for admins—after signing in just one time. Google supports the two most popular enterprise SSO standards, OpenID Connect and SAML, and there are more than 800 applications with pre-integrated SSO support in our third-party apps catalog already.

We’re now adding SAML integration for 12 additional applications:

  • 15Five 
  • 4Me 
  • Clarizen 
  • Deskpro 
  • Heroku 
  • Hightail 
  • moxtra 
  • ScreenSteps 
  • Targetprocess 
  • Tinfoil 
  • UserEcho 
  • xMatters 


You can find our full list of pre-integrated applications, as well as instructions for installing them, in the Help Center

Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications,” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is that the installation is much easier. You can learn more about installing Custom SAML Applications in this Help Center article.

Launch Details 
Release track
Launching to both Rapid Release and Scheduled Release

Editions: 
Available to all G Suite editions and Cloud Identity customers

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Using SAML to set up federated SSO

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Twenty-two third-party applications added to the G Suite pre-integrated SAML apps catalog

With Single-Sign-On (SSO), users can access all of their enterprise cloud applications—including the Admin console for admins—after signing in just one time. Google supports the two most popular enterprise SSO standards, OpenID Connect and SAML, and there are more than 800 applications with pre-integrated SSO support in our third-party apps catalog already.

We’re now adding SAML integration for 22 additional applications: 7geese, Accellion, Bime, Bugsnag, Canvas LMS, Honey, Humanity, Jitbit, Kintone, Knowbe4, Kudos, Looker, Meraki, Mingle, RemedyForce, Replicon, Rollbar, Signal FX, StatusPage, Weekdone, Wrike, and Zoho CRM. 

You can find our full list of pre-integrated applications, as well as instructions for installing them, in the Help Center.

Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications,” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is that the installation is much easier. You can learn more about installing Custom SAML Applications in this Help Center article.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions and Cloud Identity customers

Rollout pace:
Gradual rollout (potentially longer than 3 days for feature visibility)

Impact:
Admins only Action: Admin action suggested/FYI

More Information
Help Center: Using SAML to set up federated SSO

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Eleven third-party applications added to the G Suite pre-integrated SAML apps catalog

With Single-Sign-On (SSO), users can access all of their enterprise cloud applications—including the Admin console for admins—after signing in just one time. Google supports the two most popular enterprise SSO standards, OpenID Connect and SAML, and there are more than 800 applications with pre-integrated SSO support in our third-party apps catalog already.

We’re now adding SAML integration for 11 additional applications: &frankly, Bonusly, HelloSign, Salsify, Sequr, Small Improvements, SpaceIQ, StatusHub, Symantec Web Security Service (WSS), ThousandEyes, and PurelyHR.

You can find our full list of pre-integrated applications, as well as instructions for installing them, in the Help Center.

Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications,” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is that the installation is much easier. You can learn more about installing Custom SAML Applications in this Help Center article.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace:
Gradual rollout (potentially longer than 3 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Using SAML to set up federated SSO

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Ten third-party applications added to the G Suite pre-integrated SSO apps catalog

With Single-Sign-On (SSO), users can access all of their enterprise cloud applications—including the Admin console for admins—after signing in just one time. Google supports the two most popular enterprise SSO standards, OpenID Connect and SAML, and there are more than 800 applications with pre-integrated SSO support in our third-party apps catalog already.

We’re now adding SAML integration for ten additional applications: Aha!, Atlassian Cloud, Datadog, Desk, Github Business, HackerOne, Mavenlink, Mixpanel, SpringerLink, and Springerlink Test.

You can find our full list of pre-integrated applications, as well as instructions for installing them, in the Help Center.

Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications,” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is that the installation is much easier. You can learn more about installing Custom SAML Applications in this Help Center article.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace:
Gradual rollout (potentially longer than 3 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Using SAML to set up federated SSO

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Adding ten third-party applications to the G Suite pre-integrated SSO apps catalog

Single-Sign-On (SSO) enables users to access their enterprise cloud applications—including administrators signing in to the Admin console—by signing in one time for all services. Google supports the two most popular Enterprise SSO standards, OpenID Connect and SAML. There are over 800 applications with pre-integrated SSO support in our third party apps catalog already, and we are constantly adding more.

Today, we’re adding SAML integration for ten additional applications: BambooHR, ClearSlide, Domo, Egnyte, Federated Directory, HipChat Server, Samanage, SAP Cloud Platform Identity Authentication, UserTesting, and Workfront.

You can find our full list of pre-integrated applications, as well as instructions for installing them, in the Help Center.

Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is the installation is much easier. You can learn more about installing Custom SAML Applications in this Help Center article.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace:
Gradual rollout (potentially longer than 3 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Using SAML to set up federated SSO

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Easily create, delete, and rotate the X.509 certificates used with your SAML apps

SAML uses X.509 certificates to ensure the authenticity and integrity of messages shared between an Identity Provider (IdP) and Service Provider (SP). These certificates are associated with your SAML applications when you first install them via the Admin console and have a five-year lifetime. When a certificate expires, a user can’t sign in to the associated application using SAML-based SSO.

To change an application’s existing certificate (e.g. because it’s about to expire or has been compromised in some way), an admin needs to “rotate” it. Traditionally, you could do this with help from Google Support. Today, we’re giving you the ability to do so on your own in the Admin console, where you can easily view certificates in use, identify those about to expire, create new ones, and assign them to applications.

Please note that only super admins will be able to view the expiration status of SAML certificates and take action on them.

To learn more about SAML certificate rotation and how to manage certificates, please visit the Help Center.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite editions

Rollout pace:
Gradual rollout (up to 15 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Using SAML to set up federated SSO
Help Center: Maintain SAML certificates

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates