You can use your existing G Suite account as a SAML identity provider that will authenticate your Lattice users trying to sign in. By using your G Suite account your users will no longer need to remember an extra password to sign into Lattice and you can quickly remove their access to Lattice from a centralized control panel.

Important: The G Suite integration is only for SSO. We do not automatically synchronize your user accounts between systems yet. This is planned for the future, but right now you will have to keep your Lattice user accounts in sync with your directory service. If a user doesn't have an account in Lattice, then they won't be able to log in. You can create user accounts manually, or send us a CSV spreadsheet.

What is the difference between Google SSO and "Sign in with Google"?

  • "Sign in with Google" uses Google's OAuth API. Upside: No configuration. It "just works". The downsides is that the currently is no way to force only this option.
  • ."Google SSO" uses Google's SAML 2.0 API. The upside: One can force this option and disable email/password. The downsides is that its a pain to setup.

Note: As the SSO configuration is a technical process, we recommend that your IT team assist with set up

5 minute setup guide

1. In your Google Admin console (at click Apps > SAML apps

2. Click Setup my own custom SAML App.

3. Use the second option to download the IdP metadata XML  

4. Set the name, description, and logo for the application.

- Name: "Lattice
- Description: "Modern performance management employees love."
- Upload logo: Please download and use this image of our logo

5. Configure the SAML endpoints. Please replace [subdomain] with your Lattice subdomain

- ACS URL:[subdomain]/acs
- Entity ID:[subdomain]/metadata
- Start URL: https://[subdomain]
- Name ID: "Basic Information" and "Primary Email"
- Name ID Format: "EMAIL"

6. You can skip the Attribute Mapping step and click "Finish"
7. Go to your Lattice admin panel and click on "Single Sign On"
8. Paste in your downloaded XML in the field called "XML metadata"
9. You can optionally limit the your users so that they can only sign in with SSO

10. Save, and you're all set! 

If you sign out of Lattice you should see a new Single Sign On button. Clicking on it will first take you to G Suite where you will be authenticated then G Suite will redirect you back to Lattice where your will be automatically signed in.

Please reach out to your account representative if you have any trouble with the integration.

What's Next?

Did this answer your question?