Skip to main content

Google Workspace

Configure Voilà for Google Workspace

Create a custom SAML Application

Use the following values to create a custom SAML Application

App name: voila
Description: Voilà SSO App

img Add custom SAML App

Retrieve the Identity Provider details

Option 1

Download the IdP metadata then send the file to the Voilà Live Manager for your account.

Option 2

Collect the individual values for

  • SSO URL
  • Entity ID
  • Certificate

img Identity Provider details

Go to Backstage > Integrations > SSO SAML and fill the form with the previous values.

img Identity Provider details

Configure the Service Provider details

Use the following values to populate the Service provider details

ACS URL: https://api.voila.live/sso/saml/consume
Entity ID: https://api.voila.live/sso/saml
Signed response: true (checked)
Name ID format: Unspecified
Name ID: Basic Information > Primary email

img Service Provider details

Custom Profile attribute

Why must I create a new custom profile attribute ?

Using the SSO feature of Voilà has impacts on your GDPR compliance. Upon activation the signup process will be delegated to your Identity Provider (IdP).

Then the Voilà player will only rely on data coming from your IdP without any modification.

Therefore harvesting the user’s consent must be done by your organization and prior to your event. To do so a new profile attribute is required. Such attribute will be used to track the user's consent.

Adding a custom attribute

  • Go to Directory > Users > More Options > Manage user attributes

img Manage custom attributes

  • Create a new attribute using the following values:
Category: Voila SSO
Custom fields:
  Name: sharePersonalData
  InfoType: Yes or No
  Visibility: Visible to organization
  No. of value: Single Value

img sharePersonalData

Claims mapping

  • Add the following mapping
Google Directory attributeVoilà attribute
Basic Information > Primary emailemail
Basic Information > Last namefamily_name
Basic Information > First namegiven_name
Basic Information > Primary email (or any other unique field)sub
Voila SSO > sharePersonalDatasharePersonalData

img Additional claims and mapping

Updating user profile

Set sharePersonalData to Yes for every user that should access Voilà

Nota:

As per Google documentation (https://support.google.com/a/answer/6208725?hl=en), custom profile attributes are not eligible to bulk updates.

You should either update each user manually through the Admin console or use the Directory API (https://developers.google.com/admin-sdk/directory/v1/guides/manage-schemas).

Create user groups (optional)

You may create one or more user groups to allow/deny access to the Voilà APP