This article is intended for administrators.
- ☝️ Enable SAML integration for your Elevo space
- ⚙️ Add Elevo as a SAML Application
- 📥 Activate the new SAML application for all
- 💾 Upload iDP metadata to Elevo
- 🔗 Frequently encountered errors with the Google Workspace SSO connection
Elevo allows you to use your Google Workspace login to connect. To do this, you'll need to do a little configuration on both sides (Elevo and Google Workspace).
☝️ Enable SAML integration for your Elevo space
First, contact our email@example.com who will provide you with the following information:
- ACS Dedicated URL
⚙️ Add Elevo as a SAML Application
1️⃣ Log in to your Google Workspace admin console and select “Web and mobiles apps”
2️⃣ Click on "Add app", then "Add custom SAML app" in the drop-down menu
3️⃣ A window will open, indicate the elements below in the corresponding fields then go to the next step by clicking on "Continue".
- App name : Elevo
- Description : Elevo – People Management Platform
- Upload Logo : Download Elevo's logo
4️⃣ Here choose option 1 "Download IdP metadata" by clicking on the "Download Metadata" button. This will download a file "GoogleIDPMetadata-youdomain.xml" that you will have to send us. Then click on the "Continue" button.
5️⃣ Fill in the following fields:
- ACS URL: The URL we have provided to you
- Entity ID : https://app.elevo.fr/sp
- Name ID Format : EMAIL
- Name ID : Basic information > Primary email
Then click on the "Continue" button
6️⃣ There is nothing to fill in at this time, you can click on "Finish".
📥 Activate the new SAML application for all
Now that your SSO configuration is in place you need to activate the application for all your users.
Go to "Apps" then "Web and mobile apps", select the Elevo App you just created, click on "Expand user access".
Make sure here that the application is activated for everyone "ON for everyone".
This will show up as below in your Apps list once it is properly set up.
💾 Upload iDP metadata to Elevo
Contact us directly via firstname.lastname@example.org to upload the "GoogleIDPMetadata-youdomain.xml" file you downloaded earlier.
Your environment is now set up and SSO authentication is ready to use on Elevo.
However, if you encounter any problems during this process, please contact us directly at email@example.com so that we can assist you.
🔗 Frequently encountered errors with the Google Workspace SSO connection
403. That's an error - Error: app_not_configured_for_user
This error means that the user did not use the right Google account in order to log in. This can happen when the user has several mails with different domain names.
This error indicates that the certificate for setting up the SSO connection has expired.
- If you are a user, contact your HR team.
- If you are an Elevo Administrator, contact Elevo Support.
Sample message to send to your HR team or Elevo Support:
As a user ➡️ The SSO certificate for Elevo login appears to have expired. Can you take care of updating it ?
As an admin ➡️ The SSO certificate for Elevo login appears to have expired. Can you send us the ACS Dedicated URL ?