This document describes the steps required to activate SSO on your CodinGame account using the SAML protocol with Google Workspace.
Prerequisites for activating SSO on your CodinGame account:
- You must have admin rights for your CodinGame account.
- You must identify the right person on your end who will be able to implement the required configuration changes on your Google Workspace account, i.e. your system administrator.
- Google Workspace does not support user provisioning so Google Workspace users will still need to be invited directly from your CodinGame account.
- Account-wide failure to login may occur for your users during the configuration process. Reversing the SSO activation on the account can be done at any time if the configuration fails.
- At any time, even when the SSO configuration is active, it is possible for an admin to log into the account using email and password credentials through one of the following URLs:
- You may want to test drive the integration on a CodinGame test account first. In which case, contact your CodinGame account manager to set up this test account.
Activate the SSO configuration
- Open a ticket with the CodinGame support team by sending a request to [email protected] for SSO Activation.
- The support team should then send you four URL parameters linked to SSO:
- SP Entity ID
- SP Assertion Consumer URL
- SP Metadata URL
- SP Logout URL
- Configure an “App” in Google Workspace corresponding to CodinGame:
- Admin > Apps > Web and mobile apps > Add App > Add custom SAML app
- Copy and send the following parameters to the CodinGame support team:
- SSO URL
- Entity ID
- Click Continue and enter the following configuration in the Service provider details panel:
- ACS URL = SP Assertion Consumer URL (from the CodinGame support team)
- Entity ID = SP Entity ID (from the CodinGame support team)
- Leave the other fields unchanged
- Click Continue and on the Attributes panel, click the ADD MAPPING button:
- For the Google Directory attributes, select Primary email
- For the App attributes, type User.Email
4. Click Finish
5. Expand the User access panel of the newly created app and activate the service by selecting the ON for everyone option.
6. For testing purposes, add the Google Workspace admin user used to configure SSO as a user of your CodinGame account.
7. Contact CodinGame support to schedule a real-time meeting between one of our engineers and your system administrator. During the meeting, CodinGame will activate SSO on your account, and you may then check that the Google Workspace admin user can indeed connect to CodinGame through SSO. Any final adjustments can be made during this call. As an alternative to a real-time meeting, you may just request activation of SSO by sending an email to [email protected].
8. From now on, any user added to both the Google Workspace and the CodinGame account will be authenticated through Google Workspace.