G Suite SSO allows G Suite organizations to have users sign in to all their applications using their managed Google account credentials. Banyan integrates with your organization’s G Suite SSO to authenticate enterprise users that need access to Banyan secured services.
In order to set up this integration, you need administrative access to G Suite and the ability to add a new SAML App.
1a. Navigate to Settings > TrustProvider Settings > Identity Provider and then set your User Identity Provider to SAML.
You will fill out these Identity Provider configuration fields after you set up the new application integration in G Suite.
1b. Take note of the Redirect URL (ACS) provided in the configuration field. You will need it for the steps in G Suite below.
2a. Log in to your G Suite Admin account.
2b. Navigate to Apps > SAML apps.
2c. Choose Setup My Own Custom App.
2d. Take note your SSO URL, download the certificate, and then click Next.
2e. Name the application Banyan TrustProvider, upload our logo, and then click Next.
2f. When asked for
ACS URL and
Entity ID, use the Redirect URL you obtained in Step 1b. Also, set the
Name ID Format to
2g. Set up the attribute mappings. Banyan requires your IDP’s returned SAML assertion to contain attributes that can be mapped to a user’s Email, Username, and Groups.
Set the Attribute Mappings as follows:
G Suite does not support transmitting groups via SAML attributes. Instead, we suggest using the Department field.
2h. Click FINISH to save the application details in G Suite
2i. Click on the Banyan TrustProvider SAML app you just created and set to ON for everyone. This will allow Banyan to federate authentication of all users in your organization to your SAML IDP.
Note: You still need to apply Policies in the Banyan Command Center to manage which users can access specific internal applications.
3a. Return to the Identity Provider page in the Banyan Command Center (Settings > TrustProvider Settings > Identity Provider) and enter the Banyan TrustProvider App parameters from G Suite:
3b. Click Update Identity Provider Config to save the settings.
That’s it! You have successfully integrated G Suite to manage your directory of users in Banyan.