SimpleMDM integrates with G Suite using the Security Assertion Markup Language (SAML) standard. This guide will explain how to designate a G Suite account as a trusted identity provider (IdP) for authenticating administrators of your SimpleMDM account.
As the G Suite user interface may change, this guide has been written to provide a general process for getting up and running.
- First, sign into SimpleMDM and navigate to the SAML integration screen. This is currently under Accounts > Users and then the "Settings" tab. This screen provides the information that G Suite will require.
- Select the option in SimpleMDM to enable SAML. Enter a value in the "Short name" field to expose the SimpleMDM information.
- As a G Suite admin, sign into the G Suite Admin interface. Select the "Apps" option, then "SAML Apps", and finally the "Add a service/app to your domain" link.
- On the resulting screen, select "Setup my own custom app" at the bottom.
- G Suite will provide information about their SAML interface. The "SSO URL" should be copied and pasted into the "Endpoint URL" box within SimpleMDM. The "Certificate" should be downloaded, opened with a text editor, and pasted into the "X.509 fingerprint or certificate" box within SimpleMDM.
- Click "Next" within G Suite.
- G Suite will ask you how you'd like to identify the SimpleMDM app within G Suite. For "Application Name", enter "SimpleMDM" or some variant of your choosing. You may also set a description and a logo for the app if you wish. Click "Next" when finished.
- G Suite will request information about your SimpleMDM account. For "ACS URL", enter the "SAML Consumer URL" provided within SimpleMDM. For "Entity ID", enter the "Audience" value shown in SimpleMDM. For "Start URL", enter the "Sign-in Portal URL" value. Click "Next" once finished.
- The resulting screen can be skipped. Click "Finish".
- On the next screen within G Suite, click the more options button (currently designated as three stacked dots) to enable the SAML app for your domain.
- Within the SimpleMDM interface, complete the remainder of the options and click the "Save" button at the bottom of the screen.
Once this link has been established, users will find a SimpleMDM option within the "Apps" dropdown menu within Google. This can sometimes take a few minutes to appear.
