This feature is available only on the Enterprise plan and can be purchased as an add-on on the Pro plan.
In this article you'll learn how to set up single sign-on with Lokalise and Google.
Here's a short video that can help you get started:
Configuration on Lokalise
To get started, log into Lokalise, click on the avatar in the bottom left corner and choose Team settings:
Then, proceed to the Advanced security tab and tick the Enable SSO field:
Team's domain: Enter your full Google domain (e.g.,
example.com
).SAML 2.0 Endpoint (HTTP): Paste the SSO URL from your Google SAML app configuration. Example:
https://accounts.google.com/o/saml2/idp?idpid=123abc
. (See the next section for details.)Identity Provider Issuer: Use the Entity ID from the Google SAML setup page.
Example:https://accounts.google.com/o/saml2?idpid=123abc
Public Certificate: Copy the value from the Certificate field in your Google SAML app setup. It must begin with
-----BEGIN CERTIFICATE-----
and end with-----END CERTIFICATE-----
.Sign AuthnRequest: Not typically required. If needed, enable this setting in Lokalise, then copy the Service provider Public Certificate from Lokalise into a
.crt
file and import it into the required service.
Reconfiguring same SSO domain for another team
If you need to reconfigure the same SSO domain for another Lokalise team, please follow these steps:
Empty all fields within Single sign-on (SSO) section of the Advanced security tab.
Uncheck Enable SSO setting.
Click on Save.
Proceed with configuring SSO for the other Lokalise team.
Configuration on Google
After updating your SAML app settings in Google Workspace, allow a few minutes for changes to propagate before testing SSO login with Lokalise.
Step 1: Create the SAML app
Go to
admin.google.com
.Navigate to Apps > Web and mobile apps > Add app > Add custom SAML app.
Enter a name for your app. Optionally, upload an icon.
Youโll now see the SSO configuration screen.
Copy the following values from the Google SAML app to Lokalise:
SSO URL โ Paste into the SAML 2.0 Endpoint (HTTP) field.
Entity ID โ Paste into the Identity Provider Issuer field.
Certificate โ Paste into the Public Certificate field.
Step 2: Service provider details
Switch to the Service provider details tab and fill in:
ACS URL: Copy the ACS URL Preview from your Lokalise SSO settings.
Entity ID: Enter
https://lokalise.com
Name ID format: Select Email. The identifier must be unique, stable, and pseudo-random (e.g., employee ID or primary email).
Step 3: Attribute mapping
Click Add mapping and add the following fields:
Google directory attribute | App attribute |
Basic information > First name |
|
Basic information > Last name |
|
Basic information > Primary email |
|
Step 4: Finish setup
Click Finish to complete the app creation.
Logging in with SSO
Once everything is set up, proceed to https://app.lokalise.com/sso
and enter user email associated with the Google domain. Upon the first log in, you'll be asked to confirm your email: