Single Sign-On (SSO) streamlines access to ISMS.online by enabling users to authenticate via your organisation’s identity provider. This guide will walk you through setting up SSO using Google as your provider.
Please note that this setup requires access to administrative settings within your identity provider. We recommend involving your internal IT or systems administration team to assist with configuration.
We also support Azure AD and Okta.Click through for the relevant setup guides.
1. Creating an Application in Google Admin Console
To integrate ISMS.online with Google SSO, you'll need to configure a custom application within your Google Admin Console. Use the following settings depending on your region:
Global (default)
- Assertion Consumer Service (ACS) URL
https://<ORGANISATION>.isms.online/sso/saml2 - Entity ID
https://<ORGANISATION>.isms.online/sso/saml2/sp
APAC Region
- ACS URL
https://<ORGANISATION>.r2.isms.online/sso/saml2 - Entity ID
https://<ORGANISATION>.r2.isms.online/sso/saml2/sp
North America
- ACS URL
https://<ORGANISATION>.r3.isms.online/sso/saml2 - Entity ID
https://<ORGANISATION>.r3.isms.online/sso/saml2/sp
European Union
- ACS URL
https://<ORGANISATION>.r4.isms.online/sso/saml2 - Entity ID
https://<ORGANISATION>.r4.isms.online/sso/saml2/sp
If you’ve already configured a custom subdomain for your platform, please substitute <ORGANISATION> with that subdomain.
2. Information Required for Setup
To proceed with the integration, the ISMS.online support team will require the following details from your identity provider:
- Your platform's subdomain (e.g. https://yourcompany.isms.online)
- SSO target URL
e.g. https://accounts.google.com/o/saml2/idp?idpid=... - Entity ID
e.g. https://accounts.google.com/o/saml2?idpid=... - Identity provider certificate (in Base64 format)
Please ensure requests come from an Organisation Administrator.
Once this information is gathered, you can share it with us via support@isms.online or the live chat function.
3. Locating Your Identity Provider Details in Google
To retrieve the necessary information from Google:
- From the Admin Console Home, go to Apps > SAML apps.
- Click the Add (+) button.
- Choose Set up my own custom app.
- A window titled Google IDP Information will appear.
- Copy the SSO URL and Entity ID, and download the certificate in Base64 format.
- You can also download the full IDP metadata file if preferred.
- You can also download the full IDP metadata file if preferred.
4. Connecting to the ISMS.online Live Environment
Once ISMS.online support has confirmed your subdomain is active, you can finalise the connection by entering the same regional ACS URL and Entity ID settings into your Google Admin Console.
Refer to the regional values provided in Section 1.
5. Attribute Mapping Requirements
To ensure successful login and user provisioning, the following SAML attribute mappings must be applied:
SAML Attribute Name | Maps to in Identity Provider |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname | First name |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname | Last name |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | Email address (used to log in) |
The Name Identifier Format must be set to Persistent.
6. Accessing ISMS.online via SSO
Once SSO is enabled, users will sign in using a dedicated subdomain:
Example:
https://<ORGANISATION>.isms.online
This ensures all authentication requests are redirected to your configured identity provider.
7. Additional Configuration Notes
- The assertion, response, or both must be signed.
- SHA-1 and SHA-256 algorithms are supported; we recommend using SHA-256 as a best practice.
- SSO can be initiated from either the identity provider or service provider.
- Encrypted assertions are not supported.
Need Help?
If you have any questions during or after your SSO setup, please get in touch with our support team at support@isms.online or via live chat.
For further guidance on configuring Google SAML, please refer to Google's official documentation.