This guide illustrates how to configure Google Apps as the Identity Provider (IdP) for the Zscaler service. See the Google Apps documentation for additional information about the steps in the example.
Ensure that you have the following to configure Google Apps as the IdP:
To configure Google Apps as the IdP for the Zscaler Service:
To test the SAML configuration with Google Apps:
If any errors occur, see Troubleshooting SAML to troubleshoot browser settings and SAML error codes.
You will upload this in step d of 2. Configure SAML in the Zscaler Admin Portal.
Replace <Zscaler Cloud> with the name of the cloud, which your organization is provisioned on. In this example, the Zscaler SSO URL is https://login.zscalerone.net:443/sfc_sso. To learn how you can find your cloud name, see What is my cloud name?
The Configure SAML window appears.
To learn more about the other SAML settings, see Configure SAML.
If you are using PAC files, enter the following exception to the PAC file exemption list. Otherwise, the authentication will fail.
If (shExpMatch(host, "accounts.google.com")) return "DIRECT";