• Home
  • Integrations
  • SDKs
  • Guides
  • API docs
    No results for ""


    Google Apps

    Read time: 2 minutes
    Last edited: Dec 21, 2022


    This topic explains how to configure Google Apps to support SSO in LaunchDarkly.


    To configure SSO for LaunchDarkly using Google Apps, you must complete the following prerequisite:

    • Configure SAML for authentication. For more information, read the Google knowledge base.

    Use the table below to configure Google fields for LaunchDarkly:

    Google fieldLaunchDarkly setting
    ACS URLUse LaunchDarkly's Assertion Consumer Service URL value.
    Entity IDUse LaunchDarkly's Entity ID value.
    Start URLUse LaunchDarkly's Start URL value.
    Signed ResponseCheck this box.
    Name IDSelect "Basic Information" and "Primary Email"
    Name ID FormatSelect "EMAIL"
    Attribute MappingEnter role as the application attribute, and select the custom user attribute that corresponds to the desired role.

    Configuring SSO for LaunchDarkly with Google Apps

    Before you create the LaunchDarkly app in Google Apps, you must create the LaunchDarkly specific fields for roles and custom roles.

    To configure these fields:

    1. Log into Google Apps.
    2. Navigate to your user directory by clicking Directory and then Users.
    3. Click the Manage user attributes icon. A popup screen appears:
    The "Manage user attributes" icon.
    The "Manage user attributes" icon.
    1. Select Add Custom Category.
    2. Name the custom category whatever you like. The example below uses LaunchDarkly Attributes.
    3. Add role and customRoles fields:
    The "LaunchDarkly Attributes" screen.
    The "LaunchDarkly Attributes" screen.
    Allow multiple values for custom roles

    Set the Multiple values field for customRoles to "Yes". Some account members may have more than one custom role, which requires multiple values.

    Adding LaunchDarkly as a custom SAML application

    Next, you must add LaunchDarkly to your Google Apps apps.

    To add LaunchDarkly:

    1. Log into Google Apps.
    2. Navigate to Apps > SAML Apps.
    3. Click the plus button to Add an app.
    4. Select Setup my own Custom App to configure LaunchDarkly. The setup workflow initiates.
    5. In step 2 of the workflow, copy the information from the setup workflow. You'll need to add this into LaunchDarkly's Security tab under Edit SAML Configuration:
    The Google IdP information window.
    The Google IdP information window.
    1. In step 3, enter the name of the app.
    2. In step 4 of the workflow, provide the Assertion consumer service URL, entity ID, and start URL for your LaunchDarkly account:
    LaunchDarkly's service provider details.
    LaunchDarkly's service provider details.

    To find them, click Edit your SAML configuration on the LaunchDarkly Security tab:

    LaunchDarkly's SAML Configuration panel.
    LaunchDarkly's SAML Configuration panel.
    1. In step 5, map the LaunchDarkly attributes firstName and lastName to Google’s “Basic Information” fields "First Name" and "Last Name." Map the LaunchDarkly attributes role and customRoles to Google's "LaunchDarkly Attributes" fields "Role" and "Custom Roles". These mappings are shown below:
    The Attribute Mappings screen.
    The Attribute Mappings screen.
    Names are case sensitive

    In the screenshot above, the names in the left-hand columns map to those present in LaunchDarkly. You must name them exactly as shown or configuration will fail.

    You've successfully connected LaunchDarkly to Google Apps.

    Assigning roles and custom roles with Google Apps

    Now that the application is configured, you can assign roles.

    To assign roles:

    1. Log into Google Apps.
    2. Navigate to Directory > Users.
    3. Click on the Google Apps user that you want to assign roles to and choose Account to bring up the user's account settings.
    4. Click Edit beneath “Manage user attributes” to add the user’s role(s) to the corresponding attribute fields:
    The "Update User" screen.
    The "Update User" screen.
    1. Click Update User.

    The next time this user logs into LaunchDarkly through Google Apps, their roles will update. If this is a brand new LaunchDarkly account member, an account will be created automatically with the roles you specified.

    Removing existing roles

    SAML ignores empty fields if used in Roles or customRoles. To clear all existing roles, enter an empty string "" into the field.