Configure Google SAML with Bridge

Overview

This document walks you through setting up SAML with Google and Bridge. Click on images to zoom.

 

Google SAML Setup

Setup a Google SAML app

1. Sign in to the Google Admin console.

2. Click Apps > SAML apps

3. Select the Add a service/App to your domain link or click the plus ( + ) icon in the bottom corner.

4. Click Setup My Own Custom SAML App.

5. The Google IDP Information window opens and the Single Sign-On URL and the Entity ID URL fields automatically populate.

6. Download the IDP Metadata  and email it to your implementation consultant or follow the remaining  steps to complete the setup yourself. Come back to the admin console and  click Next.

7. In the Basic Application Information  window, add an application name and description, you can download a  pre-formatted Bridge logo below and upload it in the Upload Logo  option.

8. Open Bridge, in another tab or window, and navigate to Admin > Account Management > Auth

9. Select Enable onSAML 2.0

10. Select the drop down option 'Identity Provider Metadata URL' and select Manual Configuration

11. Copy and pasteIdentity Provider Entity,Single Sign On URL,X509 Certificate andName ID Format URN from the Google metadata downloaded in step 6. Select Save located at the bottom.

*If you are unfamiliar with these fields, your Implementation Consultant will be able to assist*

12. After you select save the last three fields populate.Copy theACS URLandAudience URI.

13. Navigate back to Google SAML. In the Service Provider Details window, add an:

  • ACS URL (Generated in the previous step),
  • An Entity ID (Paste Audience URI from the previous step)
  • Start URL must be left blank.

14. Select Next.

15. Select Finish.

Turn on SSO to your new SAML app

  1. Sign in to your Admin console.
  2. Go to Apps > SAML apps.
  3. Select your new SAML app. At the top of the gray box, click the button with the three vertical dots and choose:
    • On for everyone to turn on the service for all users (click again to confirm).
    • Off to turn off the service for all users (click again to confirm).
    • On for some organizations to change the setting only for some users.

 

 

Testing Your Google SAML App

  1. Open an Incognito or Private Browsing window in your preferred browser.
  2. Navigate to your Bridge instance by navigating to https://{client_domain}.bridgeapp.com.
  3. Login to your Google service. You should see your Admin Dashboard or My Learning Dashboard.
  4. If you are successful in logging in, click the profile in the top right corner, in the tray that opens, click "Log Out"
  5. If you are directed to the logout page, the logout link was successful and your test was successful.

 

Troubleshooting

What You’re Seeing What’s Probably Happening How We Fix It
When you log out, there is no action, or a white screen appears.

There is not an inputted Log Out URL,

or

the Log Out URL is incorrect.

Ask your IC to double check the Log Out URL in your account settings. It should be:  https://{{client}}.bridgeapp.com/logout'
After I log in, a blue screen pops up that says "Oh Snap, It looks like you've tried to access Bridge without telling us which account you belong to."

You have inputted the wrong ACS URL,

or

you may have inputted the wrong Start URL.

Ask your IC to confirm your domain. Double check the ACS URL and Start URL to ensure that they match the settings of the Bridge SAML Google App.
After I select the Bridge application from the Google App switcher, I get an error "session_not_found".
Start URL needs to blank.
Access the Bridge service provider details in the Google admin panel and remove the Start URL. See step 13 above.

 

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request