HCP SSO with Google Workspaces

Hi there,

Has anyone managed to make HCP SSO work with Google Workspace as an IDP?
I have been trying for few hours now and ran out of ideas, so if anyone has a solution or leads, I would be very grateful.

I created a custom SAML app in Google Workspace which is usually pretty straightforward.
In the service provider details I have:

On HCP side, I configured the IdP parameters and verified the primary domain of my Google Workspace. I don’t know how to implement the last element request by HCP SSO wizard:

Paste the “Email Attribute Assertion Name” link into the Attribute Statement as is.

It might be the missing configuration element and I have no idea if/how it can set with with Google Workspaces.

When I try to login via SSO, I get this error in my browser console:

Error while processing route: cloud.index IdP/SSO system did not provide user email address in the expected form (i.e. SAML assertion claim) instrument.ts:124:32

Thanks in advance for your answers!

Hi there,

In case you haven’t figured it out yet and for any other Googlers:

Add the Email Attribute Assertion Name as an attribute

1 Like

It works! Thank you so much!