You can use your existing G Suite account as a SAML identity provider that will authenticate your Lattice users trying to sign in. By using your G Suite account your users will no longer need to remember an extra password to sign into Lattice and you can quickly remove their access to Lattice from a centralized control panel.

Important: The G Suite integration is only for SSO. We do not automatically synchronize your user accounts between systems yet. This is planned for the future, but right now you will have to keep your Lattice user accounts in sync with your directory service. If a user doesn't have an account in Lattice, then they won't be able to log in. You can create user accounts manually, or send us a CSV spreadsheet.


What is the difference between Google SSO and "Sign in with Google"?

  • "Sign in with Google" uses Google's OAuth API. Upside: No configuration. It "just works". The downsides is that the currently is no way to force only this option.
  • ."Google SSO" uses Google's SAML 2.0 API. The upside: One can force this option and disable email/password. The downsides is that its a pain to setup.

Note: As the SSO configuration is a technical process, we recommend that your IT team assist with set up

5 minute setup guide

1. In your Google Admin console (at admin.google.com) click Apps

2. From here click "Add App" and select "Add custom SAML app"

3. Give the app a name

4. From here be sure to download you XML metadata and put somewhere, such as a text editor, to be pasted into Lattice.

5. Configure the SAML endpoints. Please replace [subdomain] with your Lattice subdomain

- ACS URL: https://router.latticehq.com/sso/[subdomain]/acs
- Entity ID: https://router.latticehq.com/sso/[subdomain]/metadata
- Start URL: https://[subdomain].latticehq.com/login
- Name ID: "Basic Information" and "Primary Email"
- Name ID Format: "EMAIL"

6. You can skip the Attribute Mapping step and click "Finish"
7. Go to your Lattice admin panel and click on "Single Sign On"
8. Paste in your downloaded XML in the field called "XML metadata"
9. You can optionally limit the your users so that they can only sign in with SSO

10. Save, and you're all set! 

If you sign out of Lattice you should see a new Single Sign On button. Clicking on it will first take you to G Suite where you will be authenticated then G Suite will redirect you back to Lattice where your will be automatically signed in.

Please reach out to your account representative if you have any trouble with the integration.

What's Next?

Did this answer your question?