Step 1: Enable SSO in Plecto
Go to Organization > Settings.
Find the Single Sign-On section and click Enable SSO. You will see an ACS URL and an EntityID, which you'll have to use shortly. Keep this tab open.
In a separate browser tab, open Google Admin Console and move to Step 2.
Step 2: Configure Google Admin Console
Go to Security > Authentication > SSO with Google as SAML IdP and make sure you have a certificate you can use. Otherwise, click Add certificate to add a new certificate.
Next, navigate to Apps > Web and mobile apps, then click Add App > Add custom SAML app.
Fill out the app details, then click Continue.
Fill out the required service provider details:
ACS URL and Entity ID – Open your Plecto tab and copy both URLs from Plecto to the required fields in Google. Both URLs have to start with https://
Name ID format – EMAIL
Name ID – Basic information > Primary email
Don't add any Attributes.
Keep this tab open. Now you have two tabs open – one of Plecto and the other of Google. Move to Step 3.
Step 3: Finish setting up SSO in Plecto
In the Plecto browser tab, fill out the following details:
Provide SAML settings – Manually
SAML login URL – Insert the SAML URL from the Plecto app in your Google Admin Console.
SAML certificate – Insert the SAML certificate from the Plecto app in your Google Admin Console.
(Optional) Allow SAML provisioning – If enabled, employees with access to SSO will automatically be created when trying to log in to Plecto.
Click Save in the bottom-right corner to finish.