Important: These instructions apply only to Flow on-premises.
Below is a step-by-step guide for connecting your Google SAML APPS account to Flow with SSO. Here is a list of all other SSO hosts we support.
Configuring Your Google SSO Integration
Step 1: Go to your Flow account and navigate to Settings > SSO.
Step 2: Select New SAML Integration.
Step 3: In the Configure SAML integration modal, fill out these three fields:
Metadata to obtain the correct metadata/raw xml for that field we will need to get from Google Admin console
Login URL this is the entity ID which also doubles as your login URL, you can use your company name or division or team of the company in the field, whatever is most relevant
For Google SAML Integrations, make sure this Manage Roles within Flow is checked
If you have Users that have already signed into Flow prior to setting up your SSO Integration, make sure to select Merge New Users on Email to ensure all Users are logging in via SSO. Checking this box will automatically delete the previous logins and force all existing Users to login via your SSO platform.
Fill out the Login URL field and leave this modal & tab open to come back to fill in the Metadata field.
Step 4: In a new tab, sign into Google and go to the Admin console in Google Hub for G-Suite.
Step 5: Navigate to the Apps section, the SAML apps integration is what we will be installing.
300px h 𝗑 900px w
Step 6: Select SAML Apps, then select the plus button located at the bottom right of the page.
Step 7: In the modal select Setup My Own Custom App.
Step 8: In the next modal select Option 2.
Step 9: This will download the raw XML metadata, copy this data to your clipboard and leave this tab open.
Step 10: Return to your Flow tab and paste that raw data into the Metadata field, continue to leave this tab open.
Step 11: Return to the Google Admin page and click Next on the Google IdP Information modal where you left off.
Step 12: In the next modal Basic information for your Custom App add your Application Name. The Description and Logo field here are optional and you can always come back and add them later. Click Next.
Step 13: Under Service Provider Details, fill out the following fields and click Next.
ACS URL: This is the Login URL you specified in Flow.
Your Entity ID* is the same as the ACS URL.
Step 14: Under Attribute Mapping you will create 3 attributes. Click Add New Mapping for each of the three attributes.
Step 15: Create the following three attributes as pictured in the image below. Click Finish
FirstName - Basic Information - First Name
LastName - Basic Information - Last Name
Email - Basic Information - Primary Email
Step 16: Return to the Flow Configure SAML integration tab and modal. From here add the same mapping fields you just set up in step 5, Attribute Mapping.
Step 17: Once you click Save it will take you back to the main page and you will see your login URL.
Step 18: Sign out of Flow and return to the Google Admin console, a pop up will tell you to configure data at Flow, which we have done. Click OK.
Step 19: A modal will appear. Go to the top right and select ON for everyone. By default, it is pre-set to Off.
Step 20: You have successfully connected Flow with your Google SAML APPS account. In your Google Apps section you will find the SSO login that you created. This link will take you to your Flow App settings.
Something went wrong
Two helpful tips if you are having trouble getting the App to work.
Clear out your cached files in your browser
Log out of your Google account and then log back in.
If you need help, please email firstname.lastname@example.org for 24/7 assistance.