This article outlines the steps required to set up Single Sign-On [SSO] with Google authentication. Users can then use Google authentication to access the Spoke Phone mobile app, desktop app and account portal.
You will need to have an account with admin access to Google to complete this configuration.
Contents
Create and configure a Google App for Spoke Phone
Enable the Spoke Phone Google App for your users
Complete your Spoke Phone SSO configuration
NOTE: If you haven't already, you will need to verify your company domain in Google. See the following article for help: https://support.google.com/a/answer/60216?hl=en
Create and configure a Google App for Spoke Phone
- Navigate to Apps > Web and mobile apps and click Add App > Add Custom SAML App
Enter an App name, e.g.Spoke Phone
Upload an App Icon
Click CONTINUE
- Click DOWNLOAD METADATA and save the XML file locally
Click CONTINUE - In the Service Provider Details page enter:
ACS URL =https://sso.spokephone.com/saml2/idpresponse
Entity ID =urn:amazon:cognito:sp:us-east-1_QElIJGlYT
Name ID Format = Select EMAIL
Name ID = Select Basic Information > Primary email
Click CONTINUE - Complete the Attribute Mapping as follows:
Basic Information > First name =firstname
Basic Information > First name =lastname
Basic Information > Primary Email =email
Click FINISH
Enable the Spoke Phone Google App for your users
Go to the Google help article to enable the Spoke Phone App for the users you choose:
https://support.google.com/a/answer/6087519?hl=en
Complete your Spoke Phone SSO configuration
- Go to your Spoke Phone account portal online and login
- Navigate to Other > Advanced and select the SINGLE SIGN-ON tab at the top of the Advanced page
- Enter in a Company Name and select Check availability
- Select Upload and choose the file (e.g.) GoogleIDPMetadata.xml you saved earlier
- Complete the SAML Response Mapping in the Spoke Phone Account Portal as follows:
Email =email
First Name =firstname
Last Name =lastname
User Provisioning
Currently, Spoke Phone SSO does not auto-provision users. You will need to ensure you have created the users in the Spoke Phone Account portal with the matching email addresses in your Identity Provider.
TIP: You can download a list of users to a csv file and manipulate that file to upload users directly into the Spoke Account portal.
- For downloading users from Azure, see https://support.google.com/a/answer/7348070?hl=en
- For uploading users to Spoke Phone see How to bulk-add and invite users to Spoke Phone by email address