G-Suite Configuration (SHA-256)

This article details how to configure G-suite for use with Education Perfect's Single Sign-On (SSO) system.

Please note that we now support logging in with Google directly, and it may not be necessary to set up an integration at all!
Please see our help doc here or contact us on support@educationperfect.com for more details.

Sending us your metadata

  1. From the G-Suite Admin console Home page, go to Apps and then SAML apps.
  2. Click Add App -> Add Custom SAML APP
  3. Add anything as the App name, click Continue
  4. Download the metadata and send this to us along with a couple of test accounts
  5. Cancel out of adding this App

Secondary Steps

Once you get a response from us, please do the following:

  1. From the G-Suite Admin console Home page, go to Apps and then SAML apps.
  2. Click Add App -> Add Custom SAML APP
  3. Add 'Education Perfect' as the App name, click Continue twice
  4. On the Service Provider Details screen, enter the following:
    1. ACS URL: https://iam.educationperfect.com/samlv2/acs
    2. Entity ID: Issuer: as provided by us (please note that we are unable to provide this value until after we have loaded your metadata from step 4)
    3. Start URL: https://www.educationperfect.com/app/#/dashboard
    4. Signed Response: Leave unchecked.
    5. Name ID Format: EMAIL
    6. Name ID: Basic Information, Primary Email.Click Next
  5. On the Attribute Mapping screen, click Finish
  6. Click User Access and and then turn it on for everyone (as below) or for specific organisational units as appropriate, and click Save. As noted, it may take up to 24 hours for this change to take effect for all users.If you do not turn the Education Perfect app on for your users they will see the following error message when trying to log into Education Perfect:
  7. Once this is done, please email us and let us know so that we may commence testing
  8. Please note, that users will need to be signed into their school-affiliated Google account in order to be able to log in via SSO(or at the least, not signed into a different Google account)

Match existing users to their accounts

If your students have already been using Education Perfect without a G-Suite integration, their EP accounts will need to be linked to the unique identifier G-Suite uses to confirm their identity. The above settings will make this their email address, but we use the test accounts to confirm everything is configured correctly.

We'll match up everyone we can on your behalf. We will then send you a list of anyone we couldn't match. Once you send us the details for those people, we'll update them as well. 

Please note that until we have completed this step users will get an error if they attempt to log into Education Perfect via G-Suite. Users need to be logged in to their school-affiliated google account in order to be able to log in through Single Sign On

Other Errors

500

This error generally means something is wrong with the configuration and may require support from Google directly. However it may be worth checking that your SAML certificate has not expired first.

Your feedback is taken seriously at EP! Did you find this article helpful? We'd love to hear how we can improve this article! Click the contact us form below to tell us what you think. There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us