Setup LeavePro SSO for Google Workspace

    If you use Google Workspace (previously called G-Suite) then you can setup single sign-on (SSO) in LeavePro using Google as your identity provider.

    Step 1: Setup Google Workspace

    Go to “Apps” in the Google Workspace Admin Console.

    Click “Web and Mobile apps”.

    Azure - New Application

    Click “Add App” and choose “Add custom SAML app”.

    Azure - New Application

    Enter “LeavePro” for the app name.

    The App icon is optional, but you can download an icon here.

    Click “Continue

    Azure - New Application

    Make a note of the information below. It will need to be entered into LeavePro later. You can use the copy button to copy to the clipboard.

    • SSO URL
    • Entity ID
    • Certificate

    Click “Continue

    Azure - New Application

    Go to LeavePro and select “Administration -> Single Sign-On” from the top menu and click “How to setup your Identify Provider

    Copy the “Entity ID” and “Assertion Consumer Service URL

    Azure - New Application

    Go back to the Google Workspace setup.

    Copy the “Entity ID” from LeavePro above and enter it in the “Entity ID” field in Google.

    Copy the “Assertion Consumer Service URL” from above and enter it in the “ACS URL” field in Google.

    Don’t tick the option “Signed Response

    The “Name ID” option should be set to the default “Basic Information > Primary email

    Click “Continue

    Azure - New Application

    You don’t need to enter anything on the final screen below. Just click “Finish”.

    Azure - New Application

    You’ll need to grant access to users for the LeavePro app that you just created.

    Click the drop-down arrow to give access to your users.

    Azure - New Application

    Step 2: Setup LeavePro

    Go back to LeavePro and select “Administration -> Single Sign-On” from the top menu.

    Tick “Enable Single Sign On”.

    In the “Issuer Entity Id” field paste the “Entity ID” from Google Workspace.

    In the “SAML Login URL” field paste the “SSO URL” from Google Workspace.

    In the “Public Certificate” field paste the “Certificate” from Google Workspace.

    Azure - Create your own application

    You can customise the sign-on button for users by entering something in the “Sign-In Button Label

    Azure - Create your own application

    Click ‘Save Settings’.

    Now you can test that single sign-on is working by logging out of LeavePro and then trying to log in with your Google Workspace account.

    Note that to log in with a Google Workspace account an employee must exist in LeavePro with the same e-mail address as that Google account.

    This feature is only available in LeavePro Plus.