Google SSO for Curricula

This article outlines how to integrate Google SSO with Curricula to provide your learners a fast and secure way to access the Curricula Security Awareness Training platform. 
 

Create a Custom SAML app in GSuite

1.  Log into your GSuite admin account and click on ‘Apps’ from the Admin Console.
2.  Select ‘SAML Apps’ from the Apps screen.
 
 
3.  Select ‘Add a service/App to your domain’ on the SAML apps page.
 
4.  From the ‘Enable SSO for SAML Application’ box (pictured below), select ‘Setup My Own Custom App’ at the bottom.
 
 
5.  On the following screen, ‘Google IdP Information,’ you will need to copy the SSO URL and download the Certificate to enter into the Curricula app. 
 
 
 
Proceed to the ‘Add App Credentials to Curricula’ section, but keep this window open — you will need to return after Step 4.

Add App Credentials to Curricula

1.  Log into your Curricula Admin account and navigate to the ‘Settings’ tab.
2.  Then from the Learners Settings scroll down to the Groups section and click 'Edit' on the title of the group whose Access Code you want to manage.

3.  Select the Group that will use Google SSO, and then navigate to the ‘Access’ tab. 

 Access Code Authentication 3
4.  Under the ‘Authentication Type’ section, select ‘SAML Single Sign-on' from the dropdown and click ‘Update.’
Google 2
5.  Under the ‘SAML Configuration’ section, which will appear after completing the last step, enter the Google SSO URL from your application on the ‘Identity Provider Single Sign-on URL’ line. Then add your Google SSO certificate in the ‘New Identity Provider X.509 Certificate’ box below.
 google3

Important Note About the Identity Provider Single Sign-on URL

 

We need to modify the URL that we get from the SSO URL field (that we just pasted into box 1 above). You will probably see something like this:

https://accounts.google.com/o/saml2?idpid=C018bayj0

We need to modify this in the following ways:

https://accounts.google.com/o/saml2 part to read https://accounts.google.com/o/saml2/initsso

 

So, your URL will look like this: https://accounts.google.com/o/saml2/initsso?idpid=C018bayj0

 

But, there’s one more thing we need to add to this URL, if you take a look at the Address bar of your newly created SAML App, you will see a format similar to this:

 

We need to get that SAML id similar to the id above `68861099283`

 

And we need to add &spid={YOUR_SAML_ID} to the end of the URL, replacing your SPID in the existing link

 

So, the final Identity Provider Single Sign-on URL, will look similar to this:

 

https://accounts.google.com/o/saml2/initsso?idpid=C018bayj0&spid=68861099283

 

That is what you will need to enter into the Identity Provider Single Sign-on URL field of your Curricula Group settings

 

Make sure to click the Update button in Curricula to save your changes. 

 

5.  Click the Update button in Curricula to save your changes. 
6.  Return to the ‘Google IdP Information’ box from your Google Admin Console (Step 5 from the previous section) and click Next.
7.  On the ‘Basic Information for your Custom App’ box, create a name on the ‘Application Name’ line, something like ‘Curricula Saml Application’ will work. You can also add a description under ‘Description’ if you choose.
8.  Click Next to proceed.

 
 
9.  Return to the ‘SAML Configuration' section where you left off on mycurricula.com (Step 4 above) and copy the URL listed under ‘Service Provider Sign In URL.’
 Google4 
10.  Return to the Google Admin Console, to the ‘Service Provider Details’ box, and enter the URL you copied from the previous step into the Access URL and Entity ID fields. 
11.  Check the Signed Response and click Next to proceed.
 
 
12.  On the ‘Attribute Mapping’ box, click Finish.
 
 
13.  The new application will appear on your SAML Apps list of GSuite. Click the ellipsis to the right of the screen on the app line and set it to ‘On for Everyone.’ 
 
 
Now that you have successfully set up Curricula SMAL, let’s test the configuration by signing in as a new user using the new Curricula SAML application.
 
 

Testing the Application

 
Any user in your organization logging into their Google account (myaccount.google.com) will now see Curricula SAML in their application dropdown (see screenshot below).
 
 
The user only needs to click on the Curricula SMAL application to be automatically logged into their Curricula learner account where they can watch new episodes available for them to complete.
  
Your Google <> Curricula integration is now complete! 
If you have any questions or need additional assistance, you can visit Google’s Help Center or their SSO Troubleshooting resource.

    You can contact us anytime by submitting a support request using the link below: