SAML SSO & SCIM: Google Workspace

This document explains the process to enable SAML SSO on DeepSource using Google Workspace as the Identity Provider (IdP).


Requires Enterprise Plans

Enabling SAML SSO and SCIM requires the team to be on Enterprise Cloud or Server plans. Please reachout to your account manager (or) [email protected] for a demo.


Configuring SAML SSO on Google Workspace

For now, an admin (on Google Workspace) needs to create a custom SAML integration for DeepSource Enterprise. The steps for which are as given:

  1. Navigate to
  2. On the menu bar, click on "Add App" -> "Add custom SAML app".
  1. Fill in the following details:
App NameDeepSource
  1. Click "Continue" again.
  2. Assuming that DeepSource is hosted on-premise at, fill in the following details accordingly:


Note for Enterprise Cloud Users

If you're on DeepSource Enterprise Cloud, replace with

Entity ID
Signed responseYes
Name ID formatEMAIL (choose from drop down)
NAME IDBasic Information > Primary email (choose from drop down)
  1. In "Attributes", add the following:
Google Directory attributesApp attributes
First name (choose from dropdown)first_name
Last name (choose from dropdown)last_name
  1. On the next screen, click on “DOWNLOAD METADATA” button. A modal will open up, clicking on “DOWNLOAD METADATA” button on the modal will ask you to download and save a GoogleIDPMetadata.xml file on your system.
  1. The file downloaded in the previous step should be hosted on a publicly accessible URL. You can either host it on your own infrastructure or an easy alternative is to paste it into a public gist on

Configuring SAML SSO on DeepSource

Refer to:

SCIM Provisioning

Google Workspace doesn't support custom SCIM integrations.