Intro
Follow the steps in this article to configure Google as a SAML identity provider for Domo. After completing the process, users can sign into Domo using their Google credentials.Prerequisites
To complete the configuration process, you must be signed in as a super administrator in Google. (Learn more about admin roles in Google
.)
And in Domo, you must have an Admin default security role OR a custom role with the (admin-level) Manage All Company Settings grant enabled. Learn more about default roles.
Part 1: Set Up Google as a SAML Provider
- Sign in to your Google Admin console. You must sign in using a Google administrator account.
- From the Admin console Home page, go to Apps > SAML Apps. To see Apps on the Home page, you may need to select More controls at the bottom.
- Select the plus (+) icon at bottom right.
- Locate and select Domo in the application list.
-
On the Google IDP Information page:
- Copy and save the SSO URL.
- Copy and save the Entity ID.
- Download the certificate.
- Select Next. The Basic information window shows the Application name and Description seen by users.
- Select Next.
-
Edit the Service Provider Details as follows:
- ACS URL — Replace {your‑domain} with your domain name.
-
Entity ID — Paste the “Entity ID” copied in step 5.

- Set Name ID Format to “Email.”
- Select Finish.
Part 2: Configure the Google IDP in Domo
- Open a new incognito browser window.
- Sign in to your Domo instance. You must have an Admin default security role OR a custom role with the Manage All Company Settings grant enabled to set up SSO. Learn more about default roles.
- Go to the Admin Settings.
- Under Authentication, select SAML (SSO).
- Toggle the switch to Enable SSO.
-
Enter the Google identity provider information you obtained from Part 1 in this article in the listed fields:
- Identity Provider endpoint URL — The SSO URL you copied in step 5a in Part 1.
- Entity ID — The Entity ID you copied in step 5b in Part 1.
- X.509 certificate — Upload t he certificate you downloaded in step 5c in Part 1.
- Select Save Config at the top of the page.
Part 3: Enable Domo in the Google Admin Console
- Sign in to your Google Admin console. You must sign in using a Google administrator account.
- From the Admin console Home page, go to Apps > SAML Apps. To see Apps on the Home page, you might have to select More controls at the bottom.
- Select Domo.
- At the top right of the gray box, select Edit Service.
-
(Conditional) To apply settings to all organizations, select On for everyone / Off for everyone, then select Save.
To apply settings to individual organizational units, do the following:
- At the left, select the organizational unit that contains the users whose settings you want to change.
- To change the setting, select On or Off. To keep the setting the same, even if the parent setting changes, select Override.
- (Conditional) If the organization’s status is already Overridden, choose an option: Inherit — Reverts to the same setting as its parent. Save — Saves your new setting (even if the parent setting changes).
- Confirm that your Domo user account email IDs match those in the domain for your Google service.
Part 4: Verify that the SSO is Working
- Close all browser windows.
- Attempt to sign in to your Domo instance. You should be automatically redirected to the Google sign-in page.
- Enter your sign-in credentials.
- After your credentials are authenticated, you are automatically redirected back to Domo.