G-Suite Marketplace app and signing in with SAML SSO, password or SAML.
Hi,
We've installed the Expensify g-suite marketplace app and have SSO working via the Google Apps.
Question: How do I now enable the "SAML or password flow" on the Expensify login page, where an end user can either enter their Expensify password or choose the SAML option after entering their email (as per the gif under the Signing In with SAML SSO section in the KB https://docs.expensify.com/en/articles/4102-saml-single-sign-on-sso)?
It looks like I need the g-suite IDP metadata to configure this in Expensify, but that's not available in g-suite marketplace app config. Do I have to configure a g-suite SAML app rather than use the Market Place app?
thanks
Answers
-
Hey there @rich2049 !
Are you just referring to the ability for employees to use either option? If so, there shouldn't be any additional settings required beyond making sure that "required for login" is disabled under SAML within your domain.
Looking at your domain, it appears this is already disabled so everyone should be able to login with their Expensify password or SSO if they prefer.
This setting is found under Settings - Domains - [Domain Name] - SAML
-
Hi. Thanks for your reply.
Yes that is what I am talking about. On the login page https://www.expensify.com/ when I click Email and enter my company email and then click Next, I expect to be prompted with the question "Would you like to sign in with a password or Single Sign-On". But instead I am taken directly to the password flow and prompted for my password.
This is on a web browser on my laptop.
-
Cortney Ofstad Expensify Success Coach - Admin, Expensify Team, Expensify Student Ambassador Posts: 173 Expensify TeamHi @rich2049! For this, can you share a screenshot from the login page showing the password option? This will help us troubleshoot further into why SAML is not showing up as an option for you.
Thanks!
-
Where as I would expect to be given the option of password or SAML after entering my email address. Like in the gif on the kb.
thanks
-
Thanks @rich2049! Could you tell me if this is happening for others on your team as well?
-
Yes. Same thing happening to all users.
-
@rich2049 could you please reach out to [email protected] and mention this Community thread so my team can investigate the issue here? Thank you!
-
done
-
Hey does the SAML integration in Google Creates the Users as well ?
-
Hey @AmitG!
Are are you referring to GSuite/Google Workplace?
With GSuite/Google Workplace SSO, there will be an option to sync GSuite/Google Workplace users to your policy. Once invited to the policy, the users would be able to set up their Expensify account and submit reports.
We have more information on GSuite and how it works here: How to How-To: Enable Google Apps SSO with your Expensify Group policy
