Enable SAML SSO with Google Workspace Federation

  1. Go to Google Admin Console

  2. Navigate to “Web and mobile apps” (Apps → Web and mobile apps in the left menu or use this link)

  3. Create a new “Custom SAML App” (click Add app)

3a. Enter “App name” (e.g. MacStadium Portal)

3b. Download the metadata by clicking Download Metadata - Keep this file for sharing with our support team later.

3c. Configure

  3c i. **ACS URL**: `https://idp.macstadium.com/saml2/idpresponse`

  3c ii. **Entity ID**: `urn:amazon:cognito:sp:us-east-1_pusi8jHs1`

  3c iii. Configure email mapping “**Show Advanced Settings**”

  3c iv. Select `EMAIL` for **Name ID Format**

  3c v. Select `Primary email` for **Name ID**

3d. Map Primary email to email

3e. Complete the setup by pressing “Finish

  1. Provide our support team with the metadata file from step 3b