Google Workspace

This document explains the process to enable SAML SSO on DeepSource using Google Workspace as the Identity Provider (IdP).

Requires Enterprise Plans

Enabling SAML SSO and SCIM requires the team to be on Enterprise Cloud or Server plans. Please reachout to your account manager (or) sales@deepsource.io for a demo.

SAML SSO

Configuring SAML SSO on Google Workspace

For now, an admin (on Google Workspace) needs to create a custom SAML integration for DeepSource Enterprise. The steps for which are as given:

Navigate to https://admin.google.com/ac/apps/unified.
On the menu bar, click on "Add App" -> "Add custom SAML app".

Fill in the following details:

Field	Value
App Name	DeepSource

Click "Continue" again.
Assuming that DeepSource is hosted on-premise at https://deepsource.foobar.com, fill in the following details accordingly:

If you're on DeepSource Enterprise Cloud, replace https://deepsource.foobar.com with https://app.deepsource.com

Field	Values
ACS URL	`https://deepsource.foobar.com/saml2/acs/`
Entity ID	`https://deepsource.foobar.com/saml2/metadata/`
Signed response	Yes
Name ID format	EMAIL (choose from drop down)
NAME ID	Basic Information > Primary email (choose from drop down)

In "Attributes", add the following:

Google Directory attributes	App attributes
First name (choose from dropdown)	`first_name`
Last name (choose from dropdown)	`last_name`

On the next screen, click ”DOWNLOAD METADATA” and save the GoogleIDPMetadata.xml file.

The file downloaded in the previous step should be hosted on a publicly accessible URL. You can either host it on your own infrastructure or an easy alternative is to paste it into a public gist on https://gist.github.com/.

Configuring SAML SSO on DeepSource

Refer to:

SCIM Provisioning

Google Workspace doesn't support custom SCIM integrations.

SAML SSO

Configuring SAML SSO on Google Workspace

Configuring SAML SSO on DeepSource

SCIM Provisioning

On this page