Single Sign-On
SAML SSO & SCIM: Google Workspace
This document explains the process to enable SAML SSO on DeepSource using Google Workspace as the Identity Provider (IdP).
Requires Enterprise Plans
Enabling SAML SSO and SCIM requires the team to be on Enterprise Cloud or Server plans. Please reachout to your account manager (or) sales@deepsource.io for a demo.
SAML SSO
Configuring SAML SSO on Google Workspace
For now, an admin (on Google Workspace) needs to create a custom SAML integration for DeepSource Enterprise. The steps for which are as given:
- Navigate to https://admin.google.com/ac/apps/unified.
- On the menu bar, click on “Add App” -> “Add custom SAML app”.
- Fill in the following details:
Field | Value |
---|---|
App Name | DeepSource |
- Click “Continue” again.
- Assuming that DeepSource is hosted on-premise at
https://deepsource.foobar.com
, fill in the following details accordingly:
If you’re on DeepSource Enterprise Cloud, replace https://deepsource.foobar.com with https://app.deepsource.com
Field | Values |
---|---|
ACS URL | https://deepsource.foobar.com/saml2/acs/ |
Entity ID | https://deepsource.foobar.com/saml2/metadata/ |
Signed response | Yes |
Name ID format | EMAIL (choose from drop down) |
NAME ID | Basic Information > Primary email (choose from drop down) |
- In “Attributes”, add the following:
Google Directory attributes | App attributes |
---|---|
First name (choose from dropdown) | first_name |
Last name (choose from dropdown) | last_name |
- On the next screen, click on “DOWNLOAD METADATA” button. A modal will open up, clicking on “DOWNLOAD METADATA” button on the modal will ask you to download and save a
GoogleIDPMetadata.xml
file on your system.
- The file downloaded in the previous step should be hosted on a publicly accessible URL. You can either host it on your own infrastructure or an easy alternative is to paste it into a public gist on https://gist.github.com/.
Configuring SAML SSO on DeepSource
Refer to:
- Setup SAML SSO -> Configuration on DeepSource Enterprise Cloud, or,
- Setup SAML SSO -> Configuration on DeepSource Enterprise Server.
SCIM Provisioning
Google Workspace doesn’t support custom SCIM integrations.