Google (G-suite) can be used as a SAML identity provider together with Qlik Sense in order to implement a single sign-on solution.Disclaimer:
This article is not a step-by-step on how to set up SAML with Google. It only explains about settings that can cause potential issues.Environments:
- Qlik Sense Enterprise for Windows June 2017 and later
As of November 2019, G-Suite now signs by default the SAML assertion that is required by Qlik Sense.
Procedure:1) Google Administration Console: Google IdP Information
- Download the Identity provider metadata file2) Qlik Sense: Virtual Proxy settings
- Upload the modified IDP metadata file by clicking "Choose file" for the SAML IdP metadata3) Google Administration Console: Service Providers details
Set the following based on your Qlik Sense virtual proxy configuration:
Signed Response is not supported in Qlik Sense, so the checkbox should be unchecked.
AssertionConsumerService(ACS) url: https://qliksenseservername.org:443/yourvirtualproxyprefix/samlauthn/
NameID Format: transient
Last but not least, don't forget to map the attribute name that was chosen for User Id in the virtual proxy in G-suite.