Appian & Google SAML Setup

Hello All, 

We are trying to configure Google SAML as our Appian authentication provider. However, Google does not provide the private key of the certificate (it only provides the public key). Also, it does not let us upload our own certificate public and private key. On the other hand, Appian only accepts certificates that have both private and public keys.

As a result we are stuck. I was wondering if anyone in the community has set up Google SAML as their authentication service.

  • Hey - the SAML authentication certificate needs to be generated by you, it is not Google's IdP certificate. Google documents using OpenSSL here. We also have a Knowledge Base article KB-1108 that outlines options. From Google itself, you will only need the IdP metadata which needs to be uploaded into Appian. You will have to upload your SP metadata into Google. For more information, see the documentation.

  • We are trying to use G Suite as the IdP, from which we can get Google's IdP metadata with Google's public key inside.

    Then the Appian SAML side asked for a public/private key pair, and it is a required field; it is used to sign the SAML request. But there is no place in G Suite to accept this public key we generated when we tried to configure Appian as an SP inside the G Suite interface.

    It looks like G Suite assumes the SAML request is not signed by the SP; the SAML response can be signed using the IdP key (there is a checkbox for it).

    But the Appian side wants both a signed SAML request and a signed SAML response.

    Per the SAML 2.0 specification, SAML request signing is optional.

    We want to know whether anyone has successfully configured SAML with G Suite before?
