Google Workspace SAML setup

Enable your Google Workspace (formerly G Suite) users to access Trelica with Single-Sign-On (SSO).

Adding Trelica to Google Workspace

Create the SAML application in Google Workspace

Log in to your Google Admin Console and select Apps.
Select Web and mobile apps.
Click Add App and select Add custom SAML app.
If you cannot see Add custom SAML app in the list then you will need to enable Cloud Identity on your Google Workspace Account.
In the App name field enter Trelica. You can download a Trelica logo to upload as the App icon.
Click Continue.

Google Identity Provider details

Click Option 1: Download Metadata to download the Google IDP metadata. This is a file which tells Trelica how to configure the Google Workspace SAML connection:

Configuring Trelica

The next step involves putting the IDP metadata you downloaded from Google Workspace into Trelica.
Open Trelica in a new browser tab, as you will need to switch back to Google Workspace shortly.
Log in to your Trelica site, and then go to Admin > Settings > Users > SAML providers:
Click New. The New SAML Identity Provider dialog is displayed.
In the Name field enter Google Workspace and ensure the Metadata type is set to Metadata.
Open the IDP metadata that you downloaded from Google Workspace in a text editor (e.g. Notepad or Visual Studio Code), and cut Ctrl + Xand paste Ctrl+ V the contents of the file into the Metadata field.
Click Create.

Finalizing configuration in Google Workspace

Leave Trelica open in another tab, and go back to Google Workspace and click Continue to move to the third step, Service Provider Details.
For this step you will need the ACS URL and the Entity ID from Trelica. You can see these on the Users Settings page:

Service Provider details

Click the copy icons next to each of the URLs in Trelica to copy them to the clipboard. Go back to the Google Workspace tab and paste Ctrl + V them in to the applicable fields.
Under the Name ID section make sure the Name ID Format is set to EMAIL and the Name ID is set to Basic information > Primary email.
Click Continue.

Attribute mapping

Using the Add Mapping button, add two attributes:
Google Directory attribute
App (Trelica) attribute
First name
Last name
Click Finish.


Your new application will appear in Google Workspace. Click through on the Trelica application in the table.
Use the User access section to enable the Trelica SSO link and assign it to users.
Click Test SAML login to test that the connection is working.
If any settings are wrong then you can come back at any point and modify them here.
We recommend assigning Trelica to a test user account.
Log in as your test user, and now go to the Google Workspace dashboard and you should see the Trelica application:
Click the Trelica icon. After a short pause, you should be automatically logged in to Trelica.