- Only Admins can use this feature
Setting up a new SSO integration for GSuite with SAML
You need to be an Admin on TravelPerk and GSuite to configure a new SSO integration following these steps:
- Go to Account Settings
- Select Integrations
- Find the SSO integration and click Set up
- Select SAML and click New integration
Once you've created a New integration, you'll need to configure it:
- Open your Google Admin Console and go to Apps
-
Select SAML Apps
- Click Add App and select Custom SAML App
- Give your new SAML app a name and add the configurations for your new SAML App as follows:
Your GSuite configurations for TravelPerk
- Copy the SSO URL and paste it into the IdP SSO service URL on TravelPerk
- Copy the Entity ID and paste it into the IdP entity ID on TravelPerk
- Copy the Certificate and paste it into the x509 cert on TravelPerk
- On your Google Admin Console, click Continue
TravelPerk configurations for your GSuite
- Copy the SP Assertion Consumer Service URL and paste it into the ACS URL on your Google Admin Console
- Copy the SP entity ID and paste it into the Entity ID on your Google Admin Console
- Optionally, you can set the Start URL with the following format: https://{yourcompanyname}.travelperk.com
- Make sure that:
- the Signed response box is checked
- the Name ID format is EMAIL
- the Name ID is Basic information > Primary email
- Click Continue
- The Attributes must be exactly the same as the following table, including capital letters and punctuation
Google Directory Attributes App Attributes First Name User.FirstName Last Name User.LastName Primary Email User.email - Click Finish
- On TravelPerk, click Create integration
Note: You must configure the User Access from GSuite to choose who can access TravelPerk, as it is OFF for everyone by default.
For more information about customizing your SSO settings, see Customize SSO settings.