SSO via Google
SSO via SAML 2.0 is available on Custom Plans and all our 2022 new plans.
Create a new Vitally application in Google
From the 'Apps' section of your google account's admin interface, select 'Add custom SAML app':
Name the app "Vitally"
Configure Vitally using your account's subdomain, e.g. https://yoursubdomain.vitally.io (or https://yoursubdomain.vitally-eu.io if your account is EU)
Check the 'signed response' button
Set EMAIL as the Name ID format
Configure SAML Attributes
You can configure Google to send attributes about each user to Vitally that will be synced on login. Vitally supports the following attributes:
Attribute | Type | Description |
firstName | string | The user's first name |
lastName | string | The user's last name |
vitallyRole | string | Provide a string value for vitallyRole: admin, leader, team, observer |
title | string | The user's job title |
timezone | string | The user's home timezone, used for sending windows and email notifications |
avatar | string (url) | The user's profile picture |
Once you've set up Vitally as a service provider in Google, we'll need to manually enable Google as the identity provider in Vitally.
Vitally will need the following three pieces of information to finish the setup:
Identity Provider SSO URL
Identity Provider Issuer
X.509 Certificate (Download this and send as an attachment to your Vitally contact
Please send these three items to your CSM or to support via the in-app chat. We will then confirm with you once the setup has been completed and is ready for use.
Login
That's it! When Vitally has completed our server-side setup, you'll be presented with the following login screen the next time you login!
If your users have already logged in using password authentication, their existing authorization will be valid for up to a week. Ask them to log out & log back in to force SAML authentication.
Last updated