How to configure Status Hero SSO with Google Workspace and SAML 2.0
Note: SSO/SAML is available in our Corporate or Enterprise plans.
Setup and Configuration
To setup your Status Hero account with SSO/SAML and Google Workspace, you'll need to take the following steps. Right now there is still a manual step on our end, so we'll need the link from the last step along with a heads-up that you would like to enable SSO/SAML with Google Workspace for your account.
Once we confirm that everything works, we'll disable password authentication and magic link sign-in capability completely for your account.
Here are the steps:
Sign in to the Admin Console of your Google Workspace account. You'll need to be a Google Workspace account administrator
Click through the "Apps - Manage apps and their settings" icon
Click on "SAML Apps"
Click on the yellow plus button on the bottom right to add a new app
In "Step 1", click on "Setup my own custom app" on the bottom:
5. In "Step 2", download the "IDP Metadata" and Send the file to us (help chat or email@example.com)
6. Then click "Next"
7. In "Step 3", add "Status Hero" as the application name. Optionally add our icon if you like, you can download it here.
8. Click "Next" to go to the next step
9. In "Step 4", carefully fill in the following fields:
ACS URL: https://statushero.com/saml/consume
Entity ID: https://statushero.com/saml/metadata
Start URL: https://statushero.com/ (note the trailing slash)
Check off "Signed Response"
Make sure "Primary Email" is selected next to Name ID
Select EMAIL for "Name ID Format"
10. On "Step 5", click "Finish", and then click "Ok" on the resulting dialog.
11. Finally enable Status Hero in Google Workspace by selecting "ON for Everyone"
We're working on provisioning users in Status Hero from Google Workspace automagically, but for now it's a two step process for each user:
Add the user in Status Hero to the first team you want them in, making sure their email address is unique and the same one you have for them in Google Workspace (or skip this step if the user already exists in Status Hero)
Make sure the user is enabled in Google Workspace for the Status Hero app. (If you turned it "ON for everyone" you'll be all set.)