Google (G Suite) Domains
IMPORTANT: SSO will only function if the email address you use to log into Scalyr is the same as your G Suite address. In particular, if you’re using a + name in Scalyr, such as “firstname.lastname@example.org”, you won’t be able to log in using SSO. You can contact us at email@example.com to change your Scalyr login address to match your G Suite address.
To establish SSO using SAML for Scalyr login using an Administrator account and navigate to the Admin console:
- Sign into the Google admin console at https://admin.google.com.
- Click Apps and then SAML Apps. To see Apps on the dashboard, you might have to click More controls at the bottom.
- Select the Add a service/App to your domain link or click the plus (+) icon in the bottom corner.
- Click Setup my own custom App.
- The Google IDP Information window opens and the Single Sign-On URL and the Entity ID URL fields automatically populate
- Click the Download button for “IDP metadata”. You’ll need to send this file to the Scalyr team (at firstname.lastname@example.org). Also tell us the organization name you chose earlier. Click Next.
- In the Basic Information window, fill in the Application Name (“Scalyr”).
- Click Choose file next to the Upload Logo field, and upload the Scalyr logo file that you should have received along with these instructions. Click Next.
- In the Service Provider Details window, fill in:
- ACS Url (US): https://www.scalyr.com/acs
- ACS Url (EU): https://eu.scalyr.com/acs
- Entity Id: Use the SP Entity ID, which you should have received from Scalyr in the email message containing these instructions.
- US: https://www.scalyr.com/sp?organization=MYORG (replace MYORG with the organization name provided by Scalyr support). For more information, visit this page.
- EU: https://eu.scalyr.com/sp?organization=MYORG (replace MYORG with the organization name provided by Scalyr support). For more information, visit this page.
- Select email from Name ID Format dropdown
- Leave the remaining fields blank / unchecked
- Click Next.
- Click Add new mapping
- In the first field, enter “email”
- In the second field, select “Basic Information”
- In the third field, select “Primary Email”
- Click Finish.
- You’ll see an acknowledgment page telling you that “You'll need to upload Google IDP data on Scalyr administration panel to complete SAML configuration process”. Click OK.
- You should now be back on the main admin page for the Scalyr SAML integration (“Apps > SAML Apps > Settings for Scalyr”). If not, return there by going to the Google admin console, click Apps, then SAML Apps, and then Scalyr.
- In the upper-right corner of the large gray box, click the menu icon choose “On for everyone”.