📘
Requires Enterprise Plans
Enabling SAML SSO and SCIM requires the team to be on Enterprise Cloud or Server plans. Please reachout to your account manager (or) [email protected] for a demo.

SAML SSO

Configuring SAML SSO on Google Workspace

For now, an admin (on Google Workspace) needs to create a custom SAML integration for DeepSource Enterprise. The steps for which are as given:

Navigate to https://admin.google.com/ac/apps/unified.
On the menu bar, click on "Add App" -> "Add custom SAML app".

Fill in the following details:

Field	Value
App Name	DeepSource

Click "Continue" again.
Assuming that DeepSource is hosted on-premise at https://deepsource.foobar.com, fill in the following details accordingly:

🚧
Note for Enterprise Cloud Users
If you're on DeepSource Enterprise Cloud, replace https://deepsource.foobar.com with https://app.deepsource.com

Field	Values
ACS URL	`https://deepsource.foobar.com/saml2/acs/`
Entity ID	`https://deepsource.foobar.com/saml2/metadata/`
Signed response	Yes
Name ID format	EMAIL (choose from drop down)
NAME ID	Basic Information > Primary email (choose from drop down)

In "Attributes", add the following:

Google Directory attributes	App attributes
First name (choose from dropdown)	`first_name`
Last name (choose from dropdown)	`last_name`

On the next screen, click on “DOWNLOAD METADATA” button. A modal will open up, clicking on “DOWNLOAD METADATA” button on the modal will ask you to download and save a GoogleIDPMetadata.xml file on your system.

The file downloaded in the previous step should be hosted on a publicly accessible URL. You can either host it on your own infrastructure or an easy alternative is to paste it into a public gist on https://gist.github.com/.

Configuring SAML SSO on DeepSource

Refer to:

SCIM Provisioning

Google Workspace doesn't support custom SCIM integrations.