- Only Admins can use this feature
Setting up a new SSO integration for GSuite with SAML
You need to be an Admin for TravelPerk and GSuite to configure a new SSO integration following these steps:
- Go to Account Settings
- Select Integrations
- Find the SSO integration and click Set up
- Select SAML and click New integration
Once you've created a New integration, you'll need to configure it:
- Open your Google Admin Console and go to Apps
-
Select SAML Apps
- Click Add App and select Custom SAML App
- Give your new SAML app a name and add the configurations for your new SAML App as follows:
Your GSuite configurations for TravelPerk
- Copy the SSO URL and paste it in the IdP SSO service URL on TravelPerk
- Copy the Entity ID and paste it in the IdP entity ID on TravelPerk
- Copy the Certificate and paste it in the x509 cert on TravelPerk
- On your Google Admin Console, click Continue
TravelPerk configurations for your GSuite
- Copy the SP Assertion Consumer Service URL and paste it in ACS URL on your Google Admin Console
- Copy the SP entity ID and paste it in the Entity ID on your Google Admin Console
- Optionally you can set the StartURL with the following format: https://{yourcompanyname}.travelperk.com
- Make sure that:
- the Signed response box is checked
- the Name ID format is EMAIL
- the Name ID is Basic information > Primary email
- Click Continue
- The Attributes must be exactly the same as the following table, including capital letters and punctuation
Google Directory Attributes App Attributes First Name User.FirstName Last Name User.LastName Primary Email User.email - Click Finish
- On TravelPerk, click Create integration
Note: You need to configure the User Access from GSuite to choose who can access TravelPerk, as it is OFF for everyone by default.
For more information about customizing your SSO settings, see Customize SSO settings.