Integrate Google Suite

Google Workspace SAML/SSO Integration

This guide explains how to set up SAML-based Single Sign-On (SSO) between Google Workspace (formerly G Suite) and Tallyfy to enable automated user authentication and provisioning.

Coordination Required

SSO setup requires exchanging configuration information between your organization and Tallyfy. This process cannot be completed independently. Please submit a support ticket to initiate the integration process.

Requirements

• Google Workspace administrator account with super-administrator privileges
• Tallyfy Professional or Enterprise plan
• SAML configuration values from Tallyfy Support

Implementation process overview

The integration involves three main phases:

Phase 1: Create Google Workspace custom SAML application

Step 1: Create a custom SAML application

1. Sign in to the Google Workspace Admin console ↗

2. Navigate to Apps > Web and mobile apps

3. Click Add App > Add custom SAML app

   

Step 2: Configure basic app settings

1. Enter “Tallyfy” as the application name
2. Optionally upload the Tallyfy logo
3. Click Continue to proceed to the next step

Step 3: Obtain Google Identity Provider details

1. On the Google Identity Provider details page, collect the SSO URL (Single Sign-On URL).

2. Collect the Entity ID (Issuer).

3. Download the Certificate file.

   

Step 4: Configure Service Provider details

1. Enter the Tallyfy ACS URL (Assertion Consumer Service URL) provided by Tallyfy Support.

2. Enter the Tallyfy Entity ID (Service Provider Entity ID) provided by Tallyfy Support.

3. Leave the Start URL field empty.

   

Step 5: Configure attribute mapping

Map the following user attributes:

Google Directory Attribute	App Attribute
Primary Email	email
First Name	firstName
Last Name	lastName

Click Finish to complete the application setup.

Step 6: Enable user access

1. In the application settings, go to User Access

2. Set the Service status to ON for everyone (or select specific organizational units)

   

Phase 2: Configure SAML settings

Phase 3: Complete integration with Tallyfy

Step 1: Submit SAML information to Tallyfy

1. Provide the collected SSO URL to Tallyfy Support.
2. Provide the collected Entity ID to Tallyfy Support.
3. Provide the downloaded Certificate file to Tallyfy Support.

Step 2: Configure SAML settings in Tallyfy

1. Once Tallyfy Support has processed your information, navigate to your organization settings

2. Locate the SAML configuration section

3. Enter the configuration details as provided by Tallyfy Support

   

Step 3: Enable SAML authentication

1. Toggle the SAML activation switch to enable SSO for your organization

   

User provisioning and access

Once the integration is complete:

1. Share the Tallyfy login URL with your users (available in the SAML configuration modal).

   

2. Ensure users who need access have been granted access to the SAML app in Google Workspace.

3. Existing Tallyfy users can now sign in via the shared SSO URL without requiring separate Tallyfy credentials.

4. New users will be automatically provisioned in Tallyfy upon their first login via the shared SSO URL.

Troubleshooting

If users encounter authentication issues:

• Verify the user has been granted access to the SAML app in Google Workspace
• Ensure attribute mappings are correctly configured
• Check that the user is accessing Tallyfy through the proper SSO URL
• Contact Tallyfy Support for assistance with persistent issues

Related articles

Authentication > Integrate Okta

A detailed walkthrough for implementing SAML-based Single Sign-On between Okta and Tallyfy through creating an Okta SAML application configuring authentication settings and enabling user provisioning for seamless access.

Authentication > Integrate OneLogin

SAML-based Single Sign-On integration between OneLogin and Tallyfy enables automated user provisioning through a three-phase setup process involving application creation configuration exchange and SSO testing.

Integrations > Authentication and SSO

Single Sign-On integration with Tallyfy enables seamless authentication through major identity providers while offering enhanced security automated user provisioning and centralized access management across organizations.

Authentication > Integrate Azure AD

The detailed guide outlines the complete process of setting up and configuring SAML-based Single Sign-On between Azure Active Directory and Tallyfy for seamless user authentication and automated provisioning.