SAML Integration With Google | SAML - Zoho Accounts

Accessing Zoho via Google using SAML

You can use Google as an identity provider (IdP) to access Zoho applications. Google IdP is a user management platform for Google Apps and services.

Required items from Google

You will need the following items from Google to configure SAML in Zoho. You can follow the configuration steps to get these from Google.
  1. Certificate
  2. SSO URL

Steps to configure SAML

  1. Sign in as an administrator to your Google Admin Console.
  2. Click Apps in the left menu, then click Web and mobile apps.
  3. Click Add App, then click Add custom SAML app.
  4. Enter a name for the app, then click Continue. Add an app icon, if needed.
  5. Copy and save the SSO URL and the Certificate.
  6. Sign in to your Zoho account at accounts.zoho.com.
  7. Configure SAML in your Zoho account using the SSO URL and the Certificate downloaded from Google.
    1. Paste the copied SSO URL in the Sign-in URL field.
    2. Paste the Certificate in the X.509 Certificate field. Make sure the certificate is in one of these formats: based-64 coded .cer, .crt, .cert, or .pem file
  8. Once you have configured SAML in Zoho Accounts, download the metadata file and open it using your browser.
  9. From the metadata file, copy the Entity ID and ACS URL.
  10. Return to your Google Admin Console and click Continue.
  11. Paste the Entity ID and the ACS URL in their relevant fields.
  12. Click Continue. You can configure attribute mapping next, if needed.
  13. Click Finish.

Assign users to the app in Google

Your users in Google can use this newly configured Zoho app to sign in to Zoho. But before that, you need to assign your users to this app. Refer to the section Turn on your SAML app in the following Google article to enable the app for your users.

Test the SAML configuration

You can test if the configuration is working properly using the following steps.

SP-initiated flow:
  1. Go to your Zoho sign-in page.
  2. Enter your email address, then click Next. You will be redirected to Google for authentication.
  3. If you are not signed in to Google already, enter your Google credentials to sign in. You will now be redirected back to Zoho and will be signed in.
IdP-initiated flow:
  1. Sign in as an administrator to your Google Admin Console.
  2. Click Apps in the left menu, then click Web and mobile apps.
  3. Select the SAML app you have configured for Zoho.
  4. Click TEST SAML LOGIN. A new tab will open and you will be redirected and signed in to Zoho.
If you encounter any error while signing in using SAML, refer to our troubleshooting guide.