This article outlines the steps for setting up single sign-on (SSO) for mfloow and Google Workspace.
Updated June 19, 2024
Important Considerations for Usage
- The SSO feature requires a subscription plan of "Business" or higher.
- Currently, only Service Provider-Initiated SSO is supported.
- Only users with the role of "Owner" or "Standard Administrator" are permitted to configure SSO settings.
- The SSO settings for Google Workspace can only be configured by users with the "Super Administrator" role. Please consult your company's IT administrator for further assistance.
- The email address of the administrator registered with mfloow must match the email address registered with Google Workspace.
- Even with SSO enabled, members who have already set a password can continue to log in using their email address and password.
- If members using SSO have not set a password within mfloow, they can initiate a "Password Reset" to create a password.
Setting Up SSO Authentication for mfloow (Service Provider) and Google Workspace (Identity Provider)
1. Log in to the Google Workspace Admin Console, then navigate through the menu by selecting Google Workspace > Apps > Web and mobile apps.
2. Click on "Add App" and select "Add Custom SAML App."
3. On the "App Details" screen, configure the following settings and then click the "Continue" button.
| App Name | Choose a name for the application (e.g., mfloow) |
| Description | Optional application description (e.g., Business Workflow Application) |
| App Icon | Optional application icon |
4. On the "Google ID Provider Details" screen, you will see the SAML configuration values. Open the "Single Sign-On" screen in mfloow, click the "Settings" button under "SAML SSO Configuration," and enter the required information. After entering the information, click the "Save" button. Then, return to Google Workspace and click the "Continue" button.
Google Workspace:
mfloow:
| Google Workspace | mfloow |
| Copy the "SSO URL" | SSO URL |
| Copy the "Entity ID" | Entity ID |
| Copy the "Certificate" | Certificate |
5. Refer to the SSO settings screen in mfloow while entering the following information in the "Service Provider Details" screen of Google Workspace, and then click the "Continue" button.
mfloow:
Google Workspace:
| mfloow | Google Workspace |
| ACS URL | ACS URL |
| SP Entity ID | Entity ID |
Google Workspace側の「名前 ID」セクション:
| 名前 IDの形式 |
6. Click the "Finish" button on the "Attribute Mapping" screen without making any changes to the settings.
7. After adding the mfloow application, navigate to the mfloow app details screen under "Apps" > "Web and mobile apps" in Google Workspace. Set the "Service Status" to "On" and click the "Save" button.
*The service status can be adjusted at the organizational unit level within Google Workspace, allowing for flexibility in enabling or disabling the application as needed.
8. Return to the SSO settings screen in mfloow and click the toggle to enable "SAML SSO."
9. Click the "Enable" button in the popup to complete the process.
How to Log In Using Google Workspace SSO
1. On the login screen, enter your "Company ID" and click the "Next" button.
2. On the next screen, click the "Log in with SAML SSO" button.
If you are already logged into Google Workspace:
A popup will appear, and once the process is complete, the popup will close, automatically logging you into mfloow.
If you are not logged into Google Workspace:
A popup will appear prompting you to enter your Google Workspace login credentials. Once you log in to Google Workspace, the popup will close, and you will be automatically logged into your mfloow account.
Disable Single Sign-On (SSO)
Click the toggle for "Enable SAML SSO" on the SSO settings screen in mfloow.
A confirmation popup will appear. Click the "Disable" button to turn off SSO.
