Part 1: Preparation work in Google Workspace
1. Login to your GSuite account (https://admin.google.com/AdminHome) with administrator credentials.
2. Click the Apps icon.
3. Click the SAML Apps icon.
4. On the SAML Apps page, click Add a service/App to your domain link.
5. Click Setup My Own Custom App.
6. On the Google IdP Information page, scroll down and click the Download button in the Section 2 - IDP Metadata section and click Next. Save the file to your local drive.
7. In the Application Name field, type Valimail. Click the Upload Logo button and upload whichever logo you prefer, from the two provided below: (right-click the logo below and save to your computer)
Valimail App Logo
8. On the Service Provider Details page, enter the following details:
- ACS URL: https://app.valimail.com/sso/consume
- Entity ID: https://app.valimail.com
- Start URL: https://app.valimail.com/users/sign_in
- Name ID Format should be set to EMAIL
Then click Next.
9. On the Attribute Mapping page, add the following mappings as depicted, then click Finish.
Note: the attribute names must exactly match those depicted -- they are case- and whitespace-sensitive.
10. The Google SSO-portion of the configuration is now complete.
11. Now login to https://app.valimail.com, click your Account Name (in the upper-right corner), and click Account Settings.
Part 2: Configuration within the Valimail Product Suite
Here you can also:
Enable JIT Provisioning (optional): Check this option to enable Just In Time (JIT) Provisioning.
Provisioning Domains (for JIT): Add one or more provisioning domains.
⚠️ If SSO was unsuccessful and you're unable to login to Valimail Enforce, just email firstname.lastname@example.org for assistance.