Single Sign On

Google G Suite



Notes

These instructions are accurate as of October 2017. As Google may make changes to the G Suite user interface at any time you may find that some aspects of this step by step such as button and screen names may not align completely with G Suite. If you notice any misalignment, please let us know so that we can keep these instructions as up to date and accurate as possible.


Step 1 - Download the Skills Base SAML metadata

  1. Log into Skills Base using your shortcut link
  2. Click Admin > Authentication
  3. For “Single Sign-On” select “SAML2”
  4. Click “Download the Service Provider (SP) metadata for this instance”
  5. Save the file somewhere for use later


Step 2 - Set up the G Suite App

  1. Go to the Google Admin Console: https://admin.google.com
  2. Click “Apps”
  3. Click “SAML apps”
  4. Click either “Add a service/App to your domain”, or click the yellow circle with the plus (+) icon in the bottom right-hand corner (depending on which option you see).
  5. Click “SETUP MY OWN CUSTOM APP” at the bottom of the window
  6. Google IdP informationwindow:
    1. Click the “Download” button next to “IDP metadata”. Save this file for use later and then click “Next”
  7. Basic information for your Custom Appwindow:
    1. For “Application name” enter “Skills Base” and click “Next”
  8. Service Provider Detailswindow:
    1. Using a text editor, open the Skills Base metadata file that you downloaded in step 1 (Note: Not the one you just downloaded from G Suite, but the one you downloaded from Skills Base earlier)
    2. Look for the tag that starts with: <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    3. Copy the URL from the “Location” attribute of the above tag. It should start with https://saml.skills-base.com/....
    4. Paste the URL you copied into the “ACS URL” field in the “Service Provider Details” window
    5. Look for the tag that starts with: <md:EntityDescriptor
    6. Copy the value from the "entityID" attribute of the above tag.
    7. Paste the value you copied into the “Entity ID” field.
    8. For the "Start URL” field enter your Skills Base shortcut link which you can get from Admin > Settings in Skills Base
    9. For name ID select “Basic information” and “Primary Email"
    10. For “Name ID Format” select “Email”
    11. Click Next
  9. Attribute Mappingwindow:
    1. Click “Add new mapping” 3 times and complete as follows, before clicking "Finish"
Email Basic information Primary Email
givenName Basic information First Name
surname Basic information Last Name


Step 3 - Activate the App in G Suite

  1. Click “Apps”
  2. Click “SAML apps”
  3. Next to the Skills Base app, click the three dots on the right hand side and depending on your preference select either “ON for Everyone” or "ON for some organizations".


Step 4 - Upload the G Suite metadata into Skills Base

  1. Using a text editor, open the G Suite Metadata file that you downloaded from G Suite in step 2
  2. Copy the entire contents
  3. In Skills Base head to Admin > Authentication
  4. If not already selected, for “Single Sign-On select “SAML 2”
  5. Click the “Configure now” button.
  6. In the text box that appears, paste the G Suite XML metadata and click “Save”


Accessing Skills Base via Single Sign On

To access Skills Base via G Suite Single Sign On, use your Skills Base shortcut link. You will automatically be redirected to G Suite for authentication.