Add Google Apps SSO Support for Idea Portals

I want all of our employees to access our internal idea board, they all have a Google Apps account. Our dev team said that this would need to be set up on the Aha side.

  • Guest
  • Jun 3 2015
  • Shipped
Release time frame
  • Attach files
  • Jason Slaughter commented
    July 16, 2015 15:05

    I'm delaying the roll-out of our ideas portal until this feature is implemented; we try to use GAFB sign-ins for everything internal, so that our employees don't need to deal with multiple passwords and logins. I really hope that Aha! implements this soon, at the very least, within a GAFB domain.

  • Tim Tyler commented
    October 8, 2015 19:56

    After reviewing the Idea Portals, our management has specified that Google Apps SSO is an essential feature to utilize Idea Portals for new Feature Requests. Until then we are implementing a Salesforce solution that will be the source of truth for Feature Requests.  This means, as PMs, we must re-enter the idea details into Aha if we are to utilize Aha as our Product source of truth.  

  • Guest commented
    November 16, 2015 02:10

    This feature is currently a deal breaker for us to roll out the ideas portal to our larger company. For organizations that are using the Google SSO in most places, there is an ongoing expectation to maintain a similar experience across new services. Given that our product team is much smaller than the engineering org (which uses Jira), it'll be paramount that they have an easy way to access a brand new tool. This is even more important for non-technical contributors who are the creators of most ideas. Since the public setting is not an option for us from security perspective and the existing two SSO options don't address the Google auth functionality, we will wait until this is developed to use the ideas portal. I hope this helps!

  • Guest commented
    December 2, 2015 02:06

    This feature is important for us to rollout idea portals internally.

  • Dan Reno commented
    December 17, 2015 21:27

    Not quite a deal breaker, but certainly an impediment to our implementation of ideas in our organization.

  • Robert Shedd commented
    May 3, 2016 22:49

    So this is actually possible today using the SAML single sign on option for the Idea portal SSO.

    Here's how you do it:


    In the Google Admin panel:

    * Choose the Setup my Own Custom App
    * Choose Option 2 - download the file
    * Enter "Aha Idea Portal" or similar for name
    * Upload an Aha logo
    * Click Next/Skip until you get to Attribute Mapping.
    * Then select these attribute maps: http://cl.ly/2d1i3C3L0c0C

    Here's the configuration that worked for us: http://cl.ly/2Q0a213x1S1q

    Switch on for everyone: http://cl.ly/1k2l1i1f1Y1I

    ---

    Under Idea Portal SSO configuration, Identity Provider, Choose SAML and then "Metadata File" - select the file you downloaded from Google

    Paste "https://domain.ideas.aha.io/auth/saml/callback" into ACS URL
    Paste "https://domain.ideas.aha.io/" into the Entity ID

  • Ravi Prasad commented
    August 16, 2016 21:07

    SAML does not work for us... since each ideas portal is considered as a separate Service Provider requiring the duplication of entire SAML configuration is not acceptable by our IT.  So, for the internal ideas portal... I would still prefer the authentication through "google apps", since all our employees and partners use the google email configured with our company domain.

  • Sandip More commented
    November 22, 2016 18:55

    I tried steps mentioned by "Robert Shedd". it worked for us.

  • Nate Lee commented
    February 27, 2017 18:12

    Please implement this. It's a major drawback for us.

  • Henry Ferlauto commented
    March 14, 2017 23:39

    I would recommend Aha! take a look at Okta. They are one of big SSO platforms. Their value-add is it's made for developers,not just system administrators.

  • Alison Smith commented
    April 14, 2017 18:46

    Wow this has been an Idea for 2 years - you guys must have some incredible backlog! 

  • James Janssen commented
    October 25, 2017 22:10

    Is it fair to call this shipped? Its more of a workaround.

    Setting up Google SSO on Aha proper requires no special configuration. The Google SSO configuration does not exist for Idea Portals in the same way.

    Setting up G Suite as a SAML provider is not something some are prepared to do, nor are they sure what the implications are of using G Suite as an IDP if they are deferring G Suite to their own SSO/SAML provider.