> For the complete documentation index, see [llms.txt](https://docs.decisionrules.io/doc/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.decisionrules.io/doc/v1/on-premise-docker/setting-up-sso/set-up-google-sso.md). # Set up Google SSO **Create custom SAML Application** In the Google admin portal navigate to **Apps** -> **Web and mobile apps** -> **Add app -> Add custom SAML app**. ### App details Once there choose a name for the app and optionally a description and icon. Click on Continue ### Google Identity Provider details In the next step, you will see the SSO URL, Entity ID and Certificate. From these values, save the **SSO URL** and **Certificate** that we will need later. Click Continue. ### Service provider details In the next step, set the necessary information and save it for later. * For the **Entity ID** you can put in any easily identifiable name. * For the **ACS URL** put the address of your server (API) container with "/saml/callback" following. * example: "*"* * For the **Name ID format** choose **EMAIL** * For the **Name ID** choose **Basic Information > Primary email**
Click Continue. ### Attribute mapping Leave as is, no need to set anything up. ### Environment Variables These are the environment variables you will have to provide to your server container. These environment variables are from previous steps. Alternatively, you can find them in the application details in the Service provider details and Manage certificates in this section * SAML\_ISSUER - **Entity ID** * SAML\_CALLBACK\_URL - **ACS URL** * SAML\_CERT - **Certificate** * SAML\_ENTRY\_POINT - **SSO URL** {% hint style="warning" %} The SAML\_CERT has to be provided as a single line argument without the \------ BEGIN/END Certificate ------ More about SSO Environment variables [here](/doc/v1/on-premise-docker/containers-environmental-variables.md#optional-server-environment-variables). {% endhint %} ### Adding Groups In the created custom SAML application click on User Access. * Click on Groups * Search for a group a click on it. * Change **Service status** to **ON.** You can find more basic information with examples here: [Setup Single Sign-On (SSO)](/doc/v1/on-premise-docker/setting-up-sso.md) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.decisionrules.io/doc/v1/on-premise-docker/setting-up-sso/set-up-google-sso.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.