reading time 5 mins

This guide will show you how to set up a Google SAML SSO application.


SAML SSO requires a Standard subscription

Want to try it out first? Start a free 30-day trial.


Create Custom SAML App

Open the Google admin console, then select Apps > SAML apps.

From the Add App menu, select Add custom SAML app.

Name the application and optionally upload the Doppler logo for the App icon.

On the following page, click the Download Metadata button to download the GoogleIDPMetadata.xml file which you'll use later.

Click Continue, then configure the app with the following values.




Entity ID

Start URL

Name ID format


Name ID

Primary email

On the following page, map the first name, last name, and email fields.

Click Save to complete the app configuration process.

SAML App Access

Configure access to the Doppler SAML application for required users, organizational units, and/or groups by clicking the User access dropdown.

Enable SAML SSO in Doppler

Paste the contents of the GoogleIDPMetadata.xml file into the IDP XML field, select the Email Domain, choose the Access Level given to users when first signing in, then click Save.

SAML Single Sign-On should now be enabled with a Sign-In URL (SSO URL) to share with your team.

Testing Google SAML SSO Sign-In

The final step is testing the sign-in flow. Open a new incognito window using the SSO URL and if you were able to sign-in successfully, then you're all set!

If you encounter any issues, leave the incognito window open, then verify the configuration steps for the Google custom SAML app and the Doppler SAML settings, then try signing in again using the inconito window.

If you're still unable to sign-in, reach out via in-product support and we'll help you troubleshoot the issue.


Congrats on setting up Google SAML SSO!

Did this page help you?