👉 Configure Didomi Console in Google admin
- Login to your Google admin console.
- Go to Apps.
- Go to Web and mobile apps.
- Click Add App.
- Click Add custom SAML app.
- In app details, add App name (for example: "Didomi Console). This will be the app where all your SSO SAML settings will be done for Didomi Console.
- Click on Continue.
- Under Google identity provider details, collect the following data and keep them for later:
-
SSO URL This will be pasted in Didomi console field Login URL. X.509 Copy the certificate. - Click on Continue.
- Under Google’s Service provider details, you need to enter your SSO identifiers collected from Didomi Console:
-
ACS URL Login URL value Entity ID Configured issuer value Name ID - In Name ID format, select: EMAIL
- In Name ID, select: Basic information > Primary email
You can find this information from the Marketplace section of the Didomi console.
Go to the "Manage" tab and enter the "SSO" box.
- You will find there your SSO SAML identifiers.
- Under Attribute mapping, click Add another mapping to map additional attributes.
- Under Google Directory attributes, select: Primary Email.
- Under App attributes enter: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
- Click on Finish.
👉 Turn on Didomi Console SAML app
- Login to your Google admin console.
- Go to Apps.
- Go to Web and mobile apps.
- Select the SAML app you have configured for Didomi.
- Click on User access.
- To turn on or off the SAML app for everyone in your organization, click On for everyone or Off for everyone.
- Click on Save.
Once turned on, the changes may take up to 24h to be effective on Google side as it is mentioned in this documentation.