Let’s see how to enable Single Sign-on with Google Workspace and TeamDesk.

Single Sign-on functionality in TeamDesk is available in Enterprise editions running either on TeamDesk subdomains or custom domain names. In this guide we’ll be referring to our test subdomain, enteprise.teamdesk.net. While setting up, please substitute enterprise.teamdesk.net with your own domain/subdomain name.

Ready to go?

Setup single sign-on in TeamDesk

First, in TeamDesk navigate to My Domain | All Users | Single Sign-on, switch to Test Mode and click Update button. New section, Service Provider will appear. Save the content of Metadata XML link as file.

TeamDesk Single Sign-on settings page

Do not close TeamDesk page, we’ll return back later.

Setup single sign-on in Google Workspaces

Navigate to Google Workspaces Admin Console and select Apps | Web And Mobile Apps. Click Add App | Add custom SAML app. 4-step wizard will appear.

On step 1, give app a name (say, TeamDesk SSO), add an optional description and icon.

Then, on step 2, click Download IdP Metadata button and open saved file with text editor. Now switch back to TeamDesk and paste file’s content into Identity Provider’s Metadata XML text box. Also to simplify testing, you may want to check Allow IdP-initiated logins box. Then click Update button.

Now, on step 3, set up Service Provider Details by copying the information from TeamDesk:

  • Copy Login URL from TeamDesk into Google’s ACS URL.
  • Copy Entity ID
  • Check Signed Response
  • …and set Name ID format to EMAIL

Then, finish the wizard.

Last thing to do is to enable user access to the app, and you are ready to go!