This document outlines the steps required to configure Google G Suite as the Identity Provider (IdP) for a client’s user base. In this scenario, the authentication request source will be the MetaCompliance Azure B2C. Once configured, all authentication requests on the MyCompliance Cloud portal will be redirected to the client's IdP.

Configuration Steps

1. Sign in to your Google Admin Console using an administrator account. 

2. From the Admin console home page, navigate to Apps > SAML Apps. 

3. Click Add in the bottom-right corner and select Set up my own custom app. 

• The Google IDP Information window will open, and the SSO URL and Entity ID fields will be automatically populated. 

4. Select Option 2 - Download the IDP metadata. 

5. Send the downloaded IdP metadata file to your MetaCompliance technical contact. 

6. Click Next. 

7. In the Basic information window, add an application name and description. 

8. (Optional) Upload a PNG or GIF file to serve as an icon for your custom app. 

• The icon image should be 256 x 256 pixels. 

9. Click Next. 

10. In the Service Provider Details window, enter the following: 

- ACS URL: https://metacomplianceb2c.b2clogin.com/metacomplianceb2c.onmicrosoft.com/B2C_1A_TrustFrameworkBase/samlp/sso/assertionconsumer
- Entity ID: https://metacomplianceb2c.b2clogin.com/metacomplianceb2c.onmicrosoft.com/B2C_1A_TrustFrameworkBase

11. The default Name ID is the Primary email, as shown below: 

12. Click Finish. 

13. Add the following SAML attribute mapping. (Confirm the output attributes match those shown in the image below - and note that they are case sensitive.)

Primary email > email 

Primary email > userPrincipalName 

14. Click Save.