Skip to content
Tallyfy

Integrate Google Workspace

Administrators only

Google Workspace SAML/SSO integration

Connect Google Workspace (formerly G Suite) with Tallyfy using SAML-based Single Sign-On. Your users authenticate with their Google credentials - no separate Tallyfy passwords needed.

Requirements

  • Google Workspace admin account with super-administrator privileges
  • Tallyfy Pro or Enterprise plan
  • SAML configuration values from Tallyfy Support

Phase 1 - Create a custom SAML app in Google Workspace

Step 1: Create a custom SAML application

  1. Sign in to the Google Workspace Admin console

  2. Go to Apps > Web and mobile apps

  3. Click Add App > Add custom SAML app

    Google Admin Add custom SAML app menu for SSO setup

Step 2: Configure basic app settings

  1. Enter “Tallyfy” as the application name
  2. Optionally upload the Tallyfy logo
  3. Click Continue

Step 3: Collect Google identity provider details

  1. On the Google Identity Provider details page, copy the SSO URL (Single Sign-On URL).

  2. Copy the Entity ID (Issuer).

  3. Download the Certificate file.

    Google Admin Identity Provider details with SSO URL and certificate

Step 4: Configure service provider details

  1. Enter the Tallyfy ACS URL (Assertion Consumer Service URL) provided by Tallyfy Support.

  2. Enter the Tallyfy Entity ID (Service Provider Entity ID) provided by Tallyfy Support.

  3. Leave the Start URL field empty.

    Google Admin SAML service provider details with Tallyfy ACS URL

Step 5: Configure attribute mapping

Map these user attributes exactly as shown:

Google Directory AttributeApp Attribute
Primary Emailemail
First NameFirstName
Last NameLastName

Click Finish. That’s it for the Google side.

Step 6: Enable user access

  1. In the application settings, go to User Access

  2. Set Service status to ON for everyone (or pick specific organizational units)

    Google Admin service status toggle for the Tallyfy SSO app

Phase 2 - Send your SAML details to Tallyfy

  1. Send the collected SSO URL to Tallyfy Support.
  2. Send the collected Entity ID to Tallyfy Support.
  3. Send the downloaded Certificate file to Tallyfy Support.

Phase 3 - Complete the integration in Tallyfy

Step 1: Configure SAML settings in Tallyfy

  1. Once Tallyfy Support processes your information, go to your organization settings

  2. Find the SAML configuration section

  3. Enter the configuration details Tallyfy Support provides

    Tallyfy SAML configuration form with numbered identity provider fields

Step 2: Enable SAML authentication

  1. Toggle the SAML activation switch to turn on SSO for your organization

    Tallyfy Org Settings row to enable SSO and SAML

User provisioning and access

After you finish the integration:

  1. Share the Tallyfy login URL with your users (you’ll find it in the SAML configuration modal).

    Tallyfy SAML settings showing SP Entity ID and login URL fields

  2. Confirm you’ve granted access to the SAML app in Google Workspace for users who need it.

  3. Existing Tallyfy users sign in through the shared SSO URL - no separate passwords required.

  4. New users are automatically provisioned in Tallyfy on their first SSO login.

How the authentication flow works

Here’s the full SAML authentication flow after configuration is done.

Diagram

Key points:

  • Automatic provisioning - New users are created on first login (step 9a). No manual account setup needed.
  • Attribute mapping - The email, FirstName, and LastName attributes from step 7 control how accounts are created and matched.
  • Single authentication point - Users only authenticate with Google (steps 4-5), never entering Tallyfy passwords.

Troubleshooting

Running into authentication problems? Check these:

  • Has the user been granted access to the SAML app in Google Workspace?
  • Are the attribute mappings correct? Double-check the table above - case matters.
  • Is the user accessing Tallyfy through the right SSO URL?
  • Still stuck? Contact Tallyfy Support.
Get in touch
About Tallyfy