Connect your Single-Sign-On account to Comeet and reap the benefits of easy sign-in and automatic syncing with your G-Suite people management setup.
- Stay in-sync: Keep Comeet in sync with the company’s G-Suite.
- Import new users with ease: Current users in G-Suite can easily be added to Comeet.
- One click log-in to Comeet for G-Suite users.
- Off-boarding users: Disabling the user’s access to the application through G-Suite will block them from accessing Comeet.
- Access to Comeet's Authentication settings menu. The integration can be set up by the following company roles in Comeet: Owner, Admin and IT Admin.
- Admin access to G-Suite.
1. Connect to your G-Suite: https://admin.google.com/.
2. Select "SAML apps" in the "Apps" menu and press the "+" sign to add a new app.
3. Search for "Comeet" and select the Comeet app. On the next menu, download the IDP metadata XML file (under Option 2) and proceed to the next step.
4. Make sure that Comeet's app details in G-Suite are defined as can be seen in the screenshot below and proceed to the next step.
5. Navigate to the Authentication menu in Comeet's system settings and press "Connect" to connect with G-Suite. Open the metadata file that was downloaded in step 3 (using a text editor like notepad) and copy all the text from it. Paste the copied text value under the “SAML Signing Certificate” field.
6. Copy the values from the fields “ACS URL” and “Entity ID” and paste both values in the relevant fields in G-Suite.
7. Change the “Name ID Format” to “EMAIL” and proceed to the next step.
8. In the "Attribute mapping" menu, select "ADD NEW MAPPING". Add the mapping "comeet_id" (case sensitive) and select "Basic Information" and "Primary Email" in the drop down lists respectively. Once done press “FINISH”.
You should see the following notification message:
9. In G-Suite, navigate back to the Comeet app and press "EDIT SERVICE". Make sure that the app is set to "ON for everyone". This step is necessary to complete the integration and can be changed after the integration is activated.
10. Once Comeet's app is available, right mouse click it and copy it's link address.
11. Navigate back to the Authentication menu in Comeet's system settings and paste the copied value in the "SAML SSO url" field. Once done press "Connect".
12. After making the initial connection, return to the G-Suite integration menu in Comeet's system settings and copy the value from the "Secret Token for your company" field.
13. Navigate back to Comeet's app in your G-Suite and select "SET UP USER PROVISIONING" under the "User Provisioning" menu. Paste the secret token in the "Authorize" screen and proceed to the next step.
14. In the "Map attributes" menu, review the “Comeet attributes” section and make sure your mappings are configured the same as in the screenshots below.
15. In the next menu ("Set provisioning scope"), you can select specific groups that you would like to provision and grant access to Comeet's app. If no specific groups are selected, by default all G-Suite users will be provisioned to the Comeet app. Once done hit “FINISH”.
16. At this point, user provisioning should be activated:
However, you might encounter a #503 error. If you do, simply press on the “Activate Provisioning” button again.
17. Once user provisioning has been activated, G-Suite will start synchronizing the relevant groups/users that have been provisioned. The synchronization might take some time to complete. You can view how many users have been provisioned by looking at the “User provisioning” menu in your G-suite (for Comeet’s app).
18. Please note that the synchronization is done using user’s email addresses, so you need to make sure that each user is registered with the same email address in both G-suite and Comeet. If there are any users that don’t have a matching email address, we will show a notification about it in the Authentication menu in Comeet's system settings.
19. Once at least one user that has been provisioned and synchronized, you can activate the SSO integration by pressing on the button that reads “Activate”.
20. Once the integration is activated, all users will be required to login to the system using SSO.
If you have encountered any problems during the setup of the integration or if you have any questions, please contact our support team at email@example.com. We’ll be happy to assist you with the configuration and activation of the SSO integration or answer any questions you may have.
Sign up using SSO
- Sign up from Comeet’s website – users are redirected to sign in on your company’s SSO. If they are already signed up, they will be re-directed to Comeet.
- Sign in through the list of apps in your organization (from G-Suite).
Q: When trying to sign in with G-Suite SSO I get an error message: "Provided application is not a SAML app".
This error means that you were using a Google account that is not connected with Comeet. Sign in to your Google account that is connected with Comeet and try again.
Q: What happens when an employee leaves the company?
Once the employee has been de-provisioned in G-Suite, their access to Comeet will be blocked. On the teammates page, the employee will be marked as “Deactivated by SSO”. To reassign tasks and roles of employees that no longer have access to Comeet, click on “Deactivate” and choose the teammate to whom you would like to assign their current tasks.
Q: How permissions and roles in Comeet are managed?
G-Suite serves as an access control mechanism. Role permissions are set by the company’s directory services. Teammates’ permissions in Comeet are determined by the company roles and position roles in Comeet.