• An existing G Suite instance with at least one user or user group already defined that you would like to utilize SSO with.
• Silo Admin Console access for the org you wish to setup SSO with.
A8 Admin Console
1. Define your vanity URL e.g. mitchmurray (fictional customer) by editing your Org name.
2. Enable SAML
3. Download the SP Encryption Certificate SP_cert.crt to your computer.
4. Do not hit Save, leave page open.
Google Admin Portal
1. Open Google Admin Console (at admin.google.com)
2. Select the APPS Icon, then select SAML apps.
3. Select the yellow ‘+’ icon in the lower right corner
4. Select the blue “Setup My Own Custom APP”
5. Use Option 1. Copy the SSO URL and Entity ID to a notepad.
6. Download a copy of the Google Certificate, select Next.
7. Name your Application, e.g. A8 Silo, select Next.
8. Copy the SP Post Back URL from the A8 Admin console and paste it to the ACS URL field in the Google Admin Console.
9. Copy the SP Identity ID value from the A8 Admin console and paste it to the Entity ID field in the Google Admin console.
10. Select the “Signed Response” check box,
11. Set the NAME ID format to email, select Next, then select Finish.
Required - Assign Users
• From the G Suite Admin console (at admin.google.com)...
• Select SAML Apps
• Select the SAML App you just created.
• At the top right of the gray box, click Edit Service .
• To turn on or off a service for everyone in your organization, click On for everyone or Off for everyone, and then click Save.
• To turn on or off a service only for users in an organizational unit:
• On the left, select the organizational unit.
• Select On or Off.
A8 Admin Console
Transfer the following information from the G Suite Admin Console to the A8 Admin Console
1. For Idp Issuer: Enter the Entity ID from G Suite
2. For IdP Login URL: Enter the SSO Logon URL from G Suite
3. IdP Signing Certificate: Upload the G Suite signing Certificate
4. Click Save.
Make sure that you have the correct registry settings in place according to the SAML SSL for SILO Access document on the support site.
PERMISSIONDENIED: FAILED TO PARSE SAML IDP TOKEN: 'NONETYPE' OBJECT HAS NO ATTRIBUTE 'ATTRIB'
• Ensure you have set your Signing Option to Sign SAML response
Failed to Parse SAML Token
• Ensure that the user you are trying to sync exists in Silo and G Suite with the same email address
• Ensure the Correct signing certificate has been uploaded to Silo Admin Console
User Not Found
• Your user may not be provisioned with their email address in G Suite matching their Silo username.
*Note: Authentic8 makes no warranty on third-party software. We assume no responsibility for errors or omissions in the third-party software or documentation available. Using such software is done entirely at your own discretion and risk.