Skip to main content
Sumo Logic

Integrate Sumo Logic with Google Apps (G Suite) IAM Service

  1. Last updated
    15:30, 6 Jul 2017
  2. Save as PDF

Using Security Assertion Markup Language (SAML), you can use your Google Apps credentials to log into Sumo Logic via Single Sign-On (SSO).

For more information, refer to Google documentation at:  https://support.google.com/a/answer/6087519?hl=en

Configure a Custom Google SAML App

  1. Log into the Google Admin Console.  
  2. Select Apps > SAML Apps.
  3. Select a new SAML app to be configured, or click the + at the bottom of the page.
  4. At the bottom of the list, select Setup my own Custom App.
  5. This presents the Google IdP Information dialog. Take note of the following:
    • SSO URL
    • Entity ID
  6. Download the Certificate.
  7. Click Next.
  8. In Basic Information for your Custom App, enter the following:
    • Application Name. Enter Sumo Logic.
    • Description. Sumo Logic is the industry's leading, secure cloud-based log monitoring, management and analytics service that leverages big data for real-time IT insights.
    • Upload Logo. Use sumologic.png
  9. Click Next.

Configure Sumo Logic SAML

  1. Open a new browser tab and log into Sumo Logic.
  2. Go to Administration > Security > SAML (Manage > Security and click the SAML button in the classic UI). You will need these Sumo Logic values to enter into the Google configuration.
  3. In the Configure SAML 2.0 dialog, enter the following details:
    • Configuration Name. Google Apps Auth (or you can enter any name you like).
    • Debug Mode. Not required, activating this setting now is useful for troubleshooting later.
    • Issuer. Enter the Entity ID from the Google IdP Information dialog.
    • Authn Request URL. Enter the SSO URL from the Google IdP Information dialog.
    • X.509 Certificate. Open the certificate file that you downloaded from the Google IdP Information dialog in a text editor. Copy and paste the contents into this field.
    • Email Attribute
      • Use SAML Attribute. Activate this check box.
      • Value. Enter Email
    • Roles
      • SP Initiated Login Configuration. Activate this check box.
      • Login Path. Enter anything you like, for example, companyname_sumo.
      • On-Demand provisioning. Activate this check box.
      • First Name Attribute. FirstName
      • Last Name Attribute. LastName
      • On-Demand Provisioning Roles. Analyst
  4. Click Save. Then click SAML again.
  5. Copy the following values:
    • SP Initiated (Redirect & POST values)
    • Authentication Request
    • Assertion Consumer

Complete the Google SAML App Configuration

  1. Go Back to the Google Auth Configuration – Service Provider Details dialog, and enter the following information:
    • ACS URL. This is the Assertion Consumer from Sumo Logic
    • Entity ID. This is the Authentication Request URL from Sumo Logic
    • Name ID. Basic Information – Primary Email
    • Name ID Format. EMAIL
  2. Click Next.
  3. In the Attribute Mapping dialog, make the following selections:
    • FirstName. Select Basic Information and First Name.
    • LastName. Select Basic Information and Last Name.
    • Email. Select Basic Information and Primary Email.
  4. Click Finish.
  5. The Settings for Sumo Logic page is displayed, and you should see the success message Setting up SSO for Sumo Logic. Click OK.
  6. To enable the Sumo Logic App for everyone, from the menu, select On for everyone.
  7. After a short delay, the new Sumo Logic SAML App will be displayed in your Google Apps login menu.