Custom Authentication- Google | Admin Guide - Zoho One

Custom authentication with Google

Custom authentication with Google enables SAML-based single sign-on (SSO) from Google to Zoho One. With SSO, you and your employees can sign in to Google and access Zoho One directly, without having to sign in to Zoho One.

To set up custom authentication with Google:
  1. Sign in to your Google Admin console using an administrator account.
  2. Click Apps.
  3. Click Web and mobile apps.
  4. Click Add App, then click Add custom SAML app
  5. In the App Details page, name your app as "Zoho One" and you can upload the app's icon optionally.
  6. Click Continue.
  7. In the Google Identity Provider details page, copy the SSO URL  and download the Certificate and use that information to set up SAML in Zoho One.
    1. Enter SSO URL under Sign-in URL.
    2. Upload Certificate under Verification Certificate.
  8. Click Continue.
  9. In the Service Provider Details window, enter the ACS URL, Entity ID, Start URL, and Name ID Format.
    1. You can find the ACS URL in Zoho One's Custom Authentication page. 
    2. The Entity ID is zoho.com
    3. The Start URL is https://one.zoho.com/
    4. Select the Signed Response checkbox.
    5. The Name ID Format to be selected is EMAIL
  10. Click Continue. The Attribute Mapping page is optional, and can be configured if you need any custom attributes in the SAML Response.
  11. Click Add another mapping and enter a new name for the attribute you want to map. In the Google Directory Attributes, click Select field to select a field name and in App attributes enter the respective attribute for your SAML app.
  12. Click Finish.