Deutsch Español Français 日本語 Português do Brasil

Articles in this section

How to configure Google SSO

Cat
  • Updated

Available for: Enterprise, Business plans

Set up by: Company Admins

💡 It is strongly recommended to configure SSO in a separate incognito mode window of your browser. This way, you keep the session in the standard window, allowing you to switch off the SSO authorization in case something is misconfigured.

If you wish to set up a test instance before enabling SSO on production, please request it with your Account Executive or Sales representative. Only those who configure SSO will be added to this test instance.

⚠️ See our main SSO article here for rules, supported features and optional configuration on the Miro end.

The instruction by Google can be found here.

Setting up Google

Adding and configuring the app 

  1. From the Admin console Home page, go to Apps > Web and mobile apps.
  2. Click Add App > Add custom SAML app.
  3. On the App Details page enter the name of the app, for example simply Miro. You may also upload an app icon (optional). 
  4. In the Service Provider Details section, fill out the fields:
    ACS URL - https://miro.com/sso/saml
    Entity ID - https://miro.com/
    Start URL - must be left empty
    Signed response - must be left unsigned 
    Name ID format - set as EMAIL. 
    required_app_configuration.jpg
    Required app configuration

Optionally you can also add a custom ProfilePicture attribute setting the format to TEXT and providing a publicly accessible URL to the image as the value. 

User Credentials (Claim Types)

In the SAML attribute mapping section set the attributes that will define your end-user's Username in Miro. Miro will accept the FirstName and LastName pair (or the DisplayName instead - for that see Optional settings).

attributes_configuration.jpg
Attributes configuration

As a final step switch the app ON for some or all your users:

service_status.jpg
Enabling the app for the users

As a result your configuration should look something like this: 

finished_configuration.jpg
Finished configuration

Setting up Miro

On the Google Identity Provider details page, get the SSO URL link in the Download Metadata section. Open your Miro Company settings > Enterprise Integrations > SSO and fill out the parameters like so:

  • Copy the SSO URL and add it to the Miro's SAML Sign-in URL field
  • Download the Certificate, open the file in a text editor and copy and paste the value in the Key x509 Certificate field

As a final step of the Miro settings add your domains and verify them. You may also configure the optional settings. After enabling Google SSO, end-users need to log out of their Google account and log back in to be able to sign in to Miro.

If you meet any issues, please check out our list of common cases and how to resolve them and the Google troubleshooting page

Google SCIM

At the moment, this identity provider does not support SCIM due to restrictions to our preconfigured app in the Google catalogue. We requested the necessary update with Google, but so far, the provisioning feature has not been added. 

Was this article helpful?
Yes, thanks Not really
Sorry about that! Why wasn't the article helpful?
If you would like to get a reply from the Miro Support team, please create a ticket here
Thank you for your feedback!
Error! Please try later...
Return to top

Related articles