Configure SAML Single Sign On with G-Suite

NOTE: you can use G-Suite accounts to log into individual Coggle accounts (log in at as normal). You can also configure G-Suite as a SAML ID provider for Single Sign On to a Coggle Organisation, which is what this guide explains.

  1. As an administrator of your G-Suite domain, go to the SAML Apps page.
  2. Click the + button in the bottom right of the page, and then click 'Setup My Own Custom App'
  3. Open your Coggle Organisation's Authentication Settings in a new tab.
  4. Copy the SSO URL from the Google IdP information into the ID Provider SSO URL field in your Coggle Organisation Authentication Settings.
  5. Download the Certificate from the Google IdP information, open it in a text editor, and paste its contents into the Certificate field of the Organisation's Authentication settings.
  6. Click 'Save' to save the Organisation's new settings. Your login URL will be displayed ( >/login), make a note of this URL.
  7. In the Google settings, click 'Next', name the app 'Coggle', give it the description 'Coggle Mind Mapping', and upload the Coggle icon. You can get the Coggle icon from our press page:
  8. Click 'Next', then fill in the following values:
    1. ACL URL:
    2. Entity ID:
    3. Start URL: leave blank
    4. Signed Response: yes
    5. NameID: Basic Information, Primary Email
    6. NameID Format: PERSISTENT

  9. Click 'Next', and on the Attribute Mapping page, add new mappings with the following values:
    1. email: Basic Information, Primary Email
    2. firstName: Basic Information, First Name
    3. lastName: Basic Information, Last Name

  10. Click 'Finish'.
  11. Now you need to enable the App for your G-Suite users:
  12. Go to the  SAML Apps page, Select the new Coggle app, and at the top right of the box, click the three dots, and choose 'On for Everyone' (or one of the other options if you want to configure Coggle for just a sub-set of your users.) Click to confirm the change.
  13. Setup is now complete. You can now test your integration by going to the login URL from step 6 (do this in an incognito browser window, or a different browser, for easier testing).