All Collections
Command
SAML/SSO
Google Workspace SAML Integration
Google Workspace SAML Integration

Integrate Google Workspace with Verkada Command for SSO

Updated over a week ago

Verkada Command has the ability to integrate with Google Workspace (among other Identity Providers [IdPs]) for single sign-on (SSO) scenarios.

Security Assertion Markup Language (SAML) handles the authentication side of things allowing Google Workspace to be used to manage access to Command.

Before you begin

  1. Ensure you have already registered on Verkada Command and an account exists for the user in the same custom domain. You can add Command as a custom application.

  2. Familiarize yourself with these terms to maximize your integration:

    • Client ID—Client ID. To locate, go to Admin > Privacy & Security > Single Sign-On Configuration > Add New.

    • Federation Data XML—The unique information from your Google Workspace instance that allows Verkada to set up the federation between Google Workspace and your Command instance (the steps to download this are provided later).

How it works

  1. Go to Google Workspace > Google Admin dashboard and select Web and mobile apps.

  2. Select the Add app dropdown and select Add custom SAML app.

  3. Fill in the application information; you can use any name and description.

  4. Get the Verkada Command logo to add to your Google Workspace application.

  5. Click Continue.

  6. Use Option 1 to download the IdP metadata that corresponds to the federation metadata Extensible Markup Language (XML) and click Continue.

  7. Type the service provider details (as shown) to configure SSO or, you can copy the details from the New SSO Configuration page (in Verkada Command), and click Continue.

    1. For ACS URL:
      For US orgs: https://vauth.command.verkada.com/saml/sso/<client-id>
      For EU orgs: https://saml.prod2.verkada.com/saml/sso/<client-id>

    2. For Entity ID:
      For US orgs: https://vauth.command.verkada.com/saml/sso/<client-id>
      For EU orgs: https://saml.prod2.verkada.com/saml/sso/<client-id>

    3. For Start URL:
      For US orgs: https://vauth.command.verkada.com/saml/login/<client-id>
      For EU orgs: https://saml.prod2.verkada.com/saml/login/<client-id>


    Note: To confirm which region you're located, please refer to where your organization was created for Verkada.

  8. Fill in the Attributes mappings (as shown below) and click Finish. This ensures that Command receives the correct information about the user. You should be redirected to the app configuration page.

  9. Upload a copy of the federation metadata XML file to Command: Go to Admin > Privacy & Security > Single Sign-On Configuration.

  10. Click Edit Configuration or Add New, and then drag and drop the metadata file into the box, as shown.

  11. Verify that you can access Command one of these URLs (substitute the client-id with the one used during setup).

  12. This redirects you to the IdP (Google Workspace) to complete the login process. You should be redirected to the app configuration page.

Log in via the mobile application

Command on Android and iOS supports login through SAML.

  1. In the email address field, type the user's email and click Next.

  2. You should be redirected to your IdP (Google Workspace) to complete the login process.

Learn more

Azure AD SAML Integration

Okta SAML Integration

OneLogin SAML Integration

Enable SAML for Your Command Account

AD FS SAML Integration

JumpCloud SAML Integration

Need more help? Contact Verkada Support

Did this answer your question?