Configure Google Workspace as a SAML SSO

Follow the steps to configure Google Workspace SAML SSO integration with Reunite.

Create an app in Google Workspace

In the Google Workspace Admin panel, navigate to Apps > Web and mobile apps.
Select Add app and choose Custom SAML app.
Fill in the form:
- App name: Redocly Reunite
- (Optional) Description: provide a description for your app.
- (Optional) Icon: upload an image as your app's icon.
Click Continue.

In Reunite, navigate to your organization's Overview page.
Select SSO and login in the navigation menu on the left side of the page.
Click Add in the Guest or Corporate Identity Provider section.
Select SAML2.
Enter a name for your identity provider.
Select the default Organization Role for users who log in with the identity provider.
(Optional) Enter the name of the Default Team.
In Single sign on URL, enter: https://auth.cloud.redocly.com/org/{your-organization-slug}/.
In Issuer ID, enter the unique identifier of the identity provider.
In x509 public certificate, paste the certificate from the identity provider.
Click Save.

In the Google Workspace, in your app's configuration, in App attribute, enter: https://redocly.com/sso/teams.
(Optional) Select groups to transmit to Reunite.
(Optional) To preserve the Owner organization role for assigned users, create a group named redocly.owners and add users that have this organization role.

Learn more about the different IdP types in Reunite and how they apply to projects in the Single Sign-on concept.
Follow steps for how to Add an identity provider in Reunite.
If you have already added multiple IdP types in Reunite, you can Configure SSO to allow your users to use multiple IdP types for a project,
For more complex scenarios where you need to grant access to specific content for specific users, you need Role-based access control (RBAC).