Single Sign-On (SSO) configuration for Google Workspace

This document describes the steps required to activate SSO on your CodinGame for Work account using the SAML protocol with Google Workspace.

Prerequisites for activating SSO on your CodinGame for Work account:

  • Have admin rights on the CodinGame for Work account.
  • Identify the right person on your end who will be able to implement the required configuration changes on your Google Workspace account, i.e. your system administrator.

Notes:

  • Google Workspace does not support User Provisioning so Google Workspace users will still need to be invited directly from your CodinGame for Work account.
  • Account-wide failure to login may occur for your users during the configuration process. Reversing the SSO activation on the account can be done at any time if the configuration fails.
  • At any time, even when the SSO configuration is active, it is possible for an admin to log into the account using email and password credentials through one of the following URLs:https://www.codingame.com/work/login?forcePassword (US site)https://www.codingame.eu/work/login?forcePassword (EU site)
  • You may want to test drive the integration on a CodinGame for Work test account first. In which case, contact your account manager to set up this test account.

To activate the SSO configuration on your CodinGame for Work account:

  1. Open a ticket with the support team by sending a request to support@codingame.com and requesting SSO Activation and if possible, User Provisioning.
  2. The support team should then send you four URL parameters linked to SSO:
    • SP Entity ID
    • SP Assertion Consumer URL
    • SP Metadata URL
    • SP Logout URL
  3. Configure an "App" in Google Workspace corresponding to CodinGame for Work:
    • Admin → Apps →Web and mobile apps → Add App →Add custom SAML app

  • Copy and send the following parameters to the CodinGame support team:
    • SSO URL
    • Entity ID
    • Certificate
  • Click Continue and enter the following configuration in the "Service provider details" panel:
    • ACS URL = SP Assertion Consumer URL (from the CodinGame support team)
    • Entity ID = SP Entity ID (from the CodinGame support team)
    • Leave the other fields unchanged
  • Click Continue and on the Attributes panel, click the "ADD MAPPING" button:
    • For the "Google Directory attributes", select "Primary email"
    • For the "App attributes", type "User.Email"

  • Click Finish

   4. Expand the "User access" panel of the newly created App and activate the Service by selecting the "ON for everyone" option.

  5. For testing purposes, add the Google Workspace admin user used to configure SSO as a user of your CodinGame for Work account.

  6. Contact support to schedule a real-time meeting between one of our engineers and your system administrator. During the meeting, CodinGame will activate SSO on your account, and you may then  check that the Google workspace admin user can indeed connect to CodinGame for Work through SSO. Any final adjustments can be made during this call. As an alternative to real-time meeting, you may just request activation of SSO by sending an email to support@codingame.com.

  7. From now on, any user added to both the Google workspace and the CodinGame for Work account will be authenticated through Google workspace.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.