G Suite Single Sign On Tutorial

Flatter Files can be integrated with G Suite (formerly known as Google Apps for Business) such that users will login to Flatter Files by logging into their G Suite account. This simplifies the management of passwords for users, improves security, and allows you to give bulk access to user groups in your G Suite directory without having to manually create each individual user account in Flatter Files. When a new user logs into Flatter Files for the first time using G Suite, all existing Flatter Files Admin accounts will receive an email at which point the Admin can update the users settings as appropriate. If a user is removed from your G Suite directory they will also automatically no longer be able to access Flatter Files.

Prerequisites:

  1. Administrator access to your Flatter Files account.
  2. Administrator access to your companies G Suite account.
  3. An Administrator account that uses an email address for the login that is different from your companies email domain. Once your account is configured for Single Sign On through G Suite you must login using this method if the user’s email matches the domain configured. Thus, if a mistake occurs then it is easy to get locked out of your account. To prevent this, manually add a gmail or other generic email address to your account as a admin until the process is completed and verified to work correctly.
  4. Send an email to [email protected] to let us know the domain you plan to use for your account. We must approve the domain usage by manually adding it to a list of acceptable domains that will be used for single sign on for the configuration to work.

1. Login to G Suite and access the Admin Page

The first step is to sign in to G Suite as an administrator such that you can enable G Suite to work with Flatter Files. The steps below show you how to sign in and access the G Suite Admin page.

  • Go to admin.google.com and enter your credentials to sign in as an Administrator.
  • Once logged in as an Administrator you should see something similar to the image below.
G Suite Home Page

2. Add Flatter Files as an application for your directory

When you login using Single Sign On, Flatter Files will request the appropriate authentication from G Suite. For this to work, you must add Flatter Files as an application that your directory is authorized to communicate with.

  • Click the Apps icon (shown in image above) which will take you to the Apps page as shown below.
G Suite Admin Center
  • Click the “SAML apps” option as shown above.
  • This will display your current list of SAML apps which is likely empty. The image below shows the currently empty list of SAML Apps.
  • Click the option to “Add a service/App to your domain.”
G Suite Enterprise Applications
  • As shown below, click the option to “Setup My Own Custom App.”
G Suite App Dialog
  • Copy the SSO URL and click to download the Certificate.
  • Both the SSO URL and certificate will be used below in Step 3 to configure Flatter Files to communicate with your directory. Thus, you may want to save the SSO URL into a temporary text file for later use.
G Suite Idp Information
  • Click the next button at the bottom right to proceed to the next step shown below.
G Suite App Name
  • Enter the application name as “Flatter Files.”
  • Then in a new browser tab enter the url: https://www.flatterfiles.com/logo/icon256.png
  • This is the correctly sized logo to use for your Flatter Files entry.
  • If the image does not download automatically, then simply use File > Save Page As in the browser menu to download the image.
  • Back on the original tab for G Suite, click the “Choose File” option to select the downloaded logo.
  • Then click Next at the bottom right, which will display the image below.
G Suite SP Info
  • For the ACS URL and the Entity ID enter the value https://www.flatterfiles.com/saml
  • Change the Name ID format from Unspecified to Email.
  • The image below shows the corresponding result.
G Suite SP Info Completed
  • Click next to proceed to the Attribute page shown below.
G Suite Attributes
  • Click the button titled “Add New Mapping.”
  • The image below should now be displayed.
G Suite Attributes New
  • Enter “First Name” for the application attribute name.
  • Change the category to “Basic Information.”
  • Set the user field to “First Name.”
  • Click the “Add New Mapping” button again and repeat the process for “Last Name.”
  • The image below shows the final result once both the First Name and Last Name attributes have been added.
G Suite Attributes Completed
  • Click the Finish button at the bottom right.
  • G Suite will now display the dialog shown below.
G Suite Added Application
  • Click OK which will then display the new App listing as shown below.
G Suite Application Listing
  • By default, the new application is not actually enabled for any of your users.
  • To enable, click the three dot button at the top right of the listing to display a menu.
G Suite Application Turn On
  • Choose either the option to “Turn NO for everyone” or “ON for some organizations” depending on your preference. If the application isn’t turned on for a user then they will not be able to access Flatter Files.
  • If you turn on for everyone, you will be asked to confirm the operation.
G Suite Application Turn On Confirmation
  • Once the operation is confirmed, the completed Flatter Files listing in G Suite should match the image shown below.
G Suite Application Finished

3. Login to Flatter Files and input SAML Settings

Now that you have added Flatter Files to your G Suite SAML App Listing you must now enter the SSO information into Flatter Files.

  • Login into Flatter Files using an Administrator user account.
  • Navigate to Dashboard (1) > Settings (2) > Company Settings (3) as shown below.
Company Settings
  • Enable the option “Use SAML 2.0 for Authentication” (4).
  • Click the button “Configure SAML” (5) which will display the window shown below.
Company Saml Settings
  • Enter your companies email domain, in the example above I am using flatterfiles.net

The domain entered must be sent to [email protected] for approval. If it has not been added to the approval list then when you click Submit below to update your settings an error message indicating this issue will be shown.

  • Copy and paste the Single Sign On URL from Step 2 into the input named Identify Provider URL.
  • Open the .pem file that was downloaded during Step 2 using a text editor.
  • Copy and paste the text from the certificate obtained in Step 5 into the input named Identity Provider Certificate.
  • Click Update to save the SAML settings.

Flatter Files will now redirect all email addresses that use the specified domain to G Suite for authentication. Existing users Flatter Files passwords will no longer be useful since it is no longer possible to login directly to Flatter Files using those credentials.

4. Login to Flatter Files from flatterfiles.com

There are two ways to login to Flatter Files once SSO is enabled, from the Flatter Files website and directly from your G Suite home page. The steps below show how to login to Flatter Files from the website. To login directly from any G Suite application please see Step 5 for details.

  • To login from the Flatter Files website, simply navigate to flatterfiles.com and then click Login at the top right.
  • Assuming you are not already logged into Flatter Files a login prompt should be displayed. Click the blue button “Login w/SSO” which will display the page below.
Login SSO
  • Enter your email address and then click Submit.
  • This will send a request to G Suite to verify your identity. If necessary, G Suite will prompt you to login. Once completed you will be redirected to the Flatter Files web application.
  • Flatter Files mobile applications and Uploader also support this SSO login via G Suite and works very similarly.

It is possible to simplify this SSO login process by creating a company specific link to Flatter Files. Details on how to do this can be found by following this link. The linked tutorial will describe how to create a link that will bypass the process described above and instead will simply redirect you to G Suite for login.

5. Login to Flatter Files from GMail or other G Suite Application

Now that Flatter Files is part of your domain, there will be a Flatter Files icon in the menu launcher from all G Suite applications. Simply clicking the resulting Flatter Files shortcut will automatically log you into Flatter Files without any additional login prompt.

  • Navigate to GMail or other G Suite Application.
  • Click the square dot menu button at the top right which will display the G Suite app launcher as shown below.
G Suite Launcher
  • At the bottom of the menu click the “More” button as shown below.
G Suite Launcher
  • This will display additional application shortcuts including the shortcut to Flatter Files.
G Suite Flatter Files Shortcut
  • To access Flatter Files, simply click the shortcut and you will automatically be logged into Flatter Files and the web application will be loaded.

6. Complete

This tutorial is now complete. Your account should now be integrated with your G Suite account such that users will login to Flatter Files using their G Suite credentials. If you have any questions or need additional help please email [email protected].