In order to activate Single Sign-On, you will need administrator access to all accounts, as well as the technical knowledge to correctly configure authentication and grant access. It may be necessary to contact the IT Manager or Lead Technician within your organization.
Step 1: Initial G Suite Setup
Click “Manage this Domain” in your Google control panel to go to Google Admin. You may be required to re-log into your account to access this area.
Click on Apps
Then click the box titled SAML Apps.
Click the link “Add a service/app to your domain”
Click the link at the bottom “SETUP MY OWN CUSTOM APP”.
This will give you the details you need to input into Way We Do. You will need this below.
Step 2: Activate Way We Do Setup
In a separate tab or window, navigate to Way We Do to copy the information from the setup screen to your account in Way We Do.
Click the 'waffle' icon in the top right corner of any page in Way We Do, then click Account in the dropdown menu.
Click Single Sign On
Enter a Single sign-on name - This name will appear on the sign-on page once the function is enabled to inform users of the single sign-on option. (e.g. Google Apps Sign-On, Acme Co. Single Sign-On, Company Login)
Enter the Identity ID - This was provided in the screen that appeared on step 5 above.
Enter the SAML SSO URL - This was provided in the screen that appeared on step 5 above.
Upload your certificate by clicking the Select button next to Certificate - The information passed between the Identity Provider and Way We Do needs to be encrypted, so a certificate is used.
Optional Settings -
Enable Passwords - This option disables the regular password function for Way We Do so that users must use single sign-on
Enable Auto-provisioning - When this is enabled, the email address used to sign-on will be automatically compared to the list of users in Way We Do. If the email address does not match a current user in Way We Do, it will create the option to automatically add a new user account for the person signing in. This is ideal for large organizations since they can simply tell users to log in and it will automatically add them as users in Way We Do.
NOTE: Users added through single sign-on are added as general users and are not assigned a role in the system. A role can be manually added, and the user can be changed to an Editor or Admin within Way We Do.
If you are happy with the settings, you will need to turn on single sign-on by clicking the toggle button over to Yes.
Click Save
Step 3: Finish G Suite Setup
Basic Information
Return to the Google setup window and click Next in the bottom right corner.
Enter the application name: Way We Do
Enter a description
Upload a logo (optional)
Click Next in the bottom right corner of the Google setup window.
Service Provider Details
Enter the ACS URL -https://[yoursubdomain].waywedo.com/SAML/AssertionConsumerService
Enter the Entity ID - https://[yoursubdomain].waywedo.com
Skip the Start URL line and the box for Signed Response
Select the Name ID Criteria - Select “Basic Information” in the first line, “Primary Email” in the second.
Select the Name ID Format - “Email”
Click Next in the bottom right corner of the Google setup window.
You will need to replace the [yoursubdomain] text with the sub-domain of your unique URL of your Way We Do account.
Attribute Mapping
Click the Add New Mapping button
Type "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" on the first line, select Basic Information on the second, and First Name on the third.
Click the Add New Mapping button again to create a new text field.
Type "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" on the first line, select Basic Information on the second, and First Name on the third.
Click Finish in the bottom right corner of the Google setup window.
Step 4: Turn On Single Sign-On
Click the menu icon at the top of the description window, then click "On for Everyone.
A confirmation box will appear. Click "TURN ON FOR EVERYONE"
The Single Sign-on setup is now complete. Your login screen for Way We Do will include the new SSO (Single Sign-On) option.
NOTE: Signing out of Way We Do will NOT automatically sign a user out of the Google account. If users are on shared computers, they will need to log out of their Google account before another user can log into Way We Do using Single Sign-On.