This feature is available only on the Enterprise subscription plan.
In this article you'll learn how to set up single sign-on with Lokalise and Google.
Here's a short video that can help you get started:
Configuration on Lokalise
To get started, log into Lokalise, click on the avatar in the bottom left corner and choose Team settings:
Then, proceed to the Advanced security tab and tick the Enable SSO field:
Team's domain — enter your Google domain.
SAML 2.0 Endpoint (HTTP) — enter SSO URL from the Google SAML app creation page for example
https://accounts.google.com/o/saml2/idp?idpid=123abc. Check the next section to learn more.
Identity Provider Issuer — enter the Entity ID value from the Google SAML app’s creation page, for example
Public Certificate — copy this value from the Certificate field when creating a new SAML app on Google. Must begin with
-----BEGIN CERTIFICATE-----and end with
Sign AuthnRequest is not usually required. If you do need this feature, then tick the corresponding field and copy certificate from Service provider Public Certificate field on Lokalise, and then save it to an
.crtfile. Then you can import this file to a necessary service.
If you need to reconfigure the same SSO domain for another Lokalise team, please follow these steps:
Empty all fields within Single sign-on (SSO) section of the Advanced security tab.
Uncheck Enable SSO setting.
Click on Save.
Proceed with configuring SSO for the other Lokalise team.
Configuration on Google
admin.google.com, click Add app > Add custom SAML app.
Enter you app name.
Optionally, upload your app's icon.
You'll be presented with the SSO configuration:
SSO URL — paste this value into the SAML 2.0 Endpoint (HTTP) field on Lokalise.
Entity ID — paste this value into the Identity Provider Issuer field on Lokalise.
Certificate — paste this value into the Public Certificate field on Lokalise.
Next, proceed to the Service provider details tab. Fill in the following fields:
ACS URL — copy the ACS URL Preview value from Lokalise.
Entity ID — enter
Name ID format — choose email. Must be unique, pseudo-random, and will not change for the user over time — like an employee ID number.
Next, set up Attribute mapping. Click Add mapping and add the following:
Basic information > First name and enter
first_nameas the app attribute.
Basic information > Last name and enter
last_nameas the app attribute.
Basic information > Primary email and enter
User.Emailas the app attribute.
Click Finish to complete the app creation.
Logging in with SSO
Once everything is set up, proceed to
https://app.lokalise.com/sso and enter user email associated with the Google domain. Upon the first log in, you'll be asked to confirm your email: