Setting up an Organisation Attendee SSO on Google Workspace

As an Organisation Admin, you can add an Attendee SSO profile so that the participants can seamlessly access an event without going through the repetitive login process across different applications on the attendee’s end. This not only enhances convenience but also ensures accountability by verifying the identification of each attendee.

Note: G Suite has transitioned its communication and collaboration tools into a more unified experience, leading to the rebranding of the platform as Google Workspace.

In this documentation, we will navigate you through the following steps to help you set up your Organisation Attendee SSO to prevent unauthorised access to confidential meetings and events.

  • Navigation to Organisation SSO 
  • Add Attendee SSO Profile 
  • Create an Application on G Suite 
  • Edit Attendee SSO Profile 

Let’s get started 🚀

Navigation to Organisation SSO

Step 1: Log in to your Pigeonhole Live account to access its dashboard. Click on your Workspace selection list from the top-left corner of the interface.

Step 2: Select your Organization name from your workspace selection list.

Step 3: Click on the Settings button from the top navigation bar to configure the organisation's Single Sign-On setup.

Step 4: Select the Single Sign-On option from the Organisation Settings to configure access to your workspace via the company‘s identity provider (G suite).

Create an Application on G Suite

Creating an application using G Suite (Google Workspace) Dashboard assigns it a client ID (a unique identifier), which you can use in your application while setting up organisation SSO for your attendees using Pigeonhole Live.

Step 1: Sign in to your G Suite account as an Admin and it will redirect you to the dashboard. Click on the Apps dropdown list from the left menu of the interface and select the Web and mobile apps option.

Step 2: Click on the Add Apps dropdown list and select Add custom SAML app option.

This will take you to the Add custom SAML app page, where you will need to enter the application name, description & icon (optional) for your application.

Step 3: After entering the basic details for your custom SAML app, click on the Continue button.

A Google Identity Provider details page will appear, where you find the following options to configure single sign-on (SSO) for SAML apps that will act as a bridge between GSuite and Pigeonhole Live.

  • Download the IDP metadata, which contains all the details such as SSO URL, entity ID, etc.

OR

  • Copy the SSO URL and Entity ID and download the Certificate (or SHA-256 fingerprint, if needed).

Note: The user can also download the IdP metadata file after finishing the custom SAML app integration.

A Service Provider Details page will appear, where you'll need to perform the following actions in the required fields:

Fields Description Actions
ACS URL The SAML response is received at the service provider's Assertion Consumer Service URL. Paste the Callback URL
Entity ID The application defines the unique identity of the SAML assertion's intended audience. This is usually your application's SP Entity ID. Paste the SP Entity ID.
Start URL: (Optional) This configures the parameter in a SAML Request, which can be a URL to redirect to after authentication. Paste the Callback URL (Optional)
Name ID Set the Name ID format and Name ID value for your custom SAML app. Select Email as Name ID format and Name ID value as the primary email.

After entering the required details, click on the Continue button.

An Attribute mapping page will appear to map user attributes based on the service provider’s requirements, by clicking on add mapping and selecting user fields in the Google directory, then map to service provider attributes.

After that, click on the Finish button.

Configure Application

After creating an application, you'll need to configure it for all users in the organization. This lets users log in using the application (Attendee SSO) that you set up.

Note: If you already have created a user on G Suite, you can follow the below steps. If don’t, refer to this document to create a user.

Step 1: Click on the Off for everyone from the application’s user access section.

 

Step 2: Select the On for everyone option and click the Save button.

 

Edit Attendee SSO Profile

After creating an application in G Suite, you will need to edit an Attendee SSO profile which involves modifying the SAML settings associated with the organisation SSO from Pigeonhole Live.

Step 1: From the Single Sign-On Page, click on the Edit button of your Attendee SSO profile.

Step 2: A modal window will appear on the screen, where you must enter the Attendee SSO Profile name and upload the IdP metadata file.

Step 3: Click on the Save button to save the SAML settings containing your IdP metadata associated with the organisation SSO.

  

This will complete the Organisation Attendee SSO setup.

Enable SSO for your Attendees

Manage the attendee SSO profiles for your workspaces from Pigeonhole Live events using SSO configuration. 

Step 1: Click on your Organisation selection list from the top-left corner of the interface and select your Workspace name from your Organisation selection list.

Step 2: Click on your Workspace selection list from the top-left corner of the interface and select the Workspace Settings of your selected workspace.

Step 3: Select the Pigeonhole policies option to configure Attendee SSO profile availability.

Step 4: Check the Availability option corresponding to the Attendee SSO profile you added.

Note: Selecting "Default" for the Attendee SSO profile will let you set that attendee profile as the default for every newly created pigeonhole (event).

Step 5: Click on the Save button to save the changes. 

Step 6: Select the Pigeonholes tab from the top navigation bar and this will take you to the Pigeonhole page where you need to set up an Event which will apply the saved SSO configuration for the attendee. 

For Setting up the Pigeonhole Live event, refer to Setting up and Editing your Event Info

 

Step 7: Click on the Attendees tab from the top menu bar.

Step 8: Navigate to the “Registrant Profiles” section, uncheck the Enable registrant profile for this event option, and click on the Save button.

Step 9: Click on the Security tab from the menu bar.

Step 10: Select the Attendee SSO profile which you added for your workspace from organisation settings and click on the Save button.

This will complete the configuration for the Organisation Attendee SSO setup. Now attendees entering the Pigeonhole will be redirected to access G Suite Attendee SSO. This is what your attendees entering this Pigeonhole will see when accessing the Pigeonhole link.