Google

Note: This login method is only available in the licensed Business + Enterprise editions


This guide walks you through setting up SAML with Google, Outline also supports using OAuth and OIDC with Google in all editions.

Create Application

  1. Go to Apps → Web and mobile apps (You will likely need to sign-in)

  2. Click Add app → Add custom SAML app

  3. Add the name “Outline”

  4. Copy the SSO URL, entity ID, and certificate

Service provider details

On the next screen, set the following values and click Continue

  • ACS URL is set to https://yourdomain.com/auth/saml.callback

  • Entity ID is set to https://app.getoutline.com

  • Start URL is set to https://yourdomain.com/auth/saml

  • Name ID format is set to “EMAIL”


Example Google SAML setup

Example Google SAML setup


Attribute mapping

Setup the following mappings, and click “Finish”.

  • “First name” → fName 

  • “Last name” → sName

  • “Primary email” → email


Google SAML attribute mapping

Google SAML attribute mapping


Configure Outline

Now we need to tell Outline where to find our Google application. Two new environment variables must be set inside of the environment (Usually docker.env). Once the server is restarted, if all is setup correctly you should see a new option to “Continue with SAML” on the login screen.

Environment variable


SAML_SSO_ENDPOINT

Use the value from SSO URL in the first step above

SAML_CERT

Use the value from Certificate in the first step above. In a text editor delete the “-----BEGIN CERTIFICATE-----” and “-----END CERTIFICATE-----” text and all new lines. The resulting cert should be on a single line.