How To Set Up Your Own Google App (SAML)

Last updated 07/12/2024

Step 1

Log in to the Google Admin Console:

Step 2

  • Click on Apps > Overview.
  • On the Apps page, click on Web and mobile apps.
  • Click on Add App and then Add custom SAML app.
Step 2

Step 3

  • For App Name, enter your organization's name.
  • Enter a description and App icon if you'd like.
  • Click Continue.

Step 4

  • In the dialog that appears, complete Option 1 to download the IdP metadata, and keep this for the Bread & Butter setup below.
  • Note: The X.509 Certificate will expire in 5 years. Set a reminder for yourself to generate a new Certificate before it expires. If the Certificate expires, your users will no longer be able to log in with the provider
  • Click Continue.

Step 5

  • For ACS URL, enter the following:

  • For Entity ID, choose a unique name
  • Leave Start URL blank
  • For Name ID Format, choose EMAIL.
  • Click Continue.
Step 5

Step 6

Under Attributes, click Add Mapping and add the following entries (case sensitive):

  • Add email, and choose the value Primary Email from Basic Information
  • Add first_name, and choose the value First Name from Basic Information
  • Add last_name, and choose the value Last Name from Basic Information

Click Finish.

Step 6

Step 7

  • Your app information should now be displayed. Expand the User Access section by clicking on it.
  • Set Service Status to ON for everyone.
  • Click Save.
Step 7

Step 8

Bread & Butter Setup:

  1. Go to
  2. Click Sign In and authenticate (or Sign Up make a new account and authenticate).
  3. Go to Settings in the left menu.
  4. Click on the Google button under SSO Settings > Enterprise Accounts.
  5. Choose SAML for the protocol.
  6. Enter a name.
  7. Enter a description (optional).
  8. In the Login URL field, enter the SSO URL from the downloaded "GoogleIDPMetadata" document.
  9. In the Entity ID field, enter the Entity ID that you set in Step 5.
  10. In the X.509 Certificate field, enter the X.509 certificate from the downloaded "GoogleIDPMetadata" document. Do not include -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.
  11. Click Save.
  12. Enable Google by clicking the new entry in the Google Identity Providers list.
Step 8

Don’t use Bread & Butter? Want to learn more about how Bread & Butter solves the four biggest problems facing marketers today? Book a demo and see how Bread & Butter is helping marketers make the most of their first-party data