Using Google Single Sign-On (SSO) With SugarCRM

by Roxana Rangu on March 28, 2019

5 minute read

Did you know that there's a way to access Sugar, your email, and your other favorite tools with one login? Well, it's possible, thanks to Sugar allowing the use of Single Sign-On (SSO). 

Happy reaction in a meeting

Log In. Just Once.

Over the last decade, agility became a must in keeping up with technology and the Internet has seen the boost of SAML Single Sign-On. (SSO) is a fast way of authenticating through an identity provider into websites and software with one account of your choice. This makes signing up for and into accounts easier and safer, as you only need to know one set of login credentials. 
The Security Assertion Markup Language (SAML) is an open standard that determines how the providers can offer both authentication and authorization services, allowing a user to log in just once and gain access to different applications, without the need to re-enter login credentials for each application. How does this sound? 

Benefits

Are you wondering why you would want to do this (apart from the obvious ease of remembering only one password)?

Well, the ability to log in with one set of credentials improves workflow and security in the blink of an eye. It eliminates credential reauthentication, minimizes phishing and improves compliance through a centralized login database. The passwords are always handled securely and if at some point your account is compromised in any way, you only need to change and secure only one password.

We’d like to mention boosting productivity as well. We all know how frustrating it can get to handle complex passwords for each service you use. Forgetting and recovering a password is a pain! This leads to wasting time and being less productive. 

A Better Way for Sugar Users!

Why are we telling you all of this? Because Sugar allows SSO authentication using Google and SAML, making this option readily available to you! 

If you’d like to learn more about how this it can make your company safer and more productive, keep scrolling.

Make Sure You Meet the Requirements

It’s time that your employees stop using different passwords for every service login! To do that, make sure you check every point we’ve listed below:

  • Your company must have an active Google G Suite account (Basic, Business, or Enterprise). 
  • Your Sugar users should have accounts in your organization's G Suite account.  
  • You must have access to a G Suite administrator account and a Sugar administrator account to configure the SAML settings for your instance via Admin > Password Management.
  • You must be familiar with G Suite and how to set up the SSO configurations that meet your organization's needs. 

 Follow Our Easy Step-By-Step Guide 

1. Add SugarCRM as a SAML Application by using the following steps:

  • First, navigate to the Google Admin console in your web browser and log in with your G Suite administrator credentials.
  • On the Admin console dashboard, select "Apps", as shown below:

Google Admin Dashboard Screenshot

  • On the Apps page, select "SAML apps"

Apps in Google Admin Dashboard Screenshot

  • Next, click the plus (+) icon on the bottom right of the SAML apps page then locate and select "Sugar". 
  • In the Option 2 section, click "Download", then save the metadata file which will be needed later when you configure the SAML authentication in Sugar. Click "Next".
  • On the Basic Information step, enter an application name of your choice (e.g. SugarCRM). Optionally, you can enter a description (e.g. SugarCRM Application) and upload a logo. Click "Next".

step 3 of 4 in Google Admin Dashboard Screenshot

  • On the Service Provider Details step, enter the following values into the corresponding fields:
    • ACS URL:  https://{your-sugar-url}/index.php?module=Users&action=Authenticate
    • Entity ID: php-saml
    • Start URL: https://{your-sugar-url}/
    • Name ID Format: EMAIL

Note: Replace {your-sugar-url} with your Sugar instance's domain.

step 4 of 4 in Google Admin Dashboard Screenshot

  • Click "Finish".

2. Enable the SugarCRM App for Users

All you need to do to enable the SAML application for users is to navigate to Apps > SAML apps in G Suite and select the SugarCRM app. 
Click the three dot icon on the upper right and select one of the following options according to your organization's requirements:

  • On for Everyone: This enables the SAML application for all users
  • On for Some Organizations: This enables the SAML application for certain groups and users assigned to those groups

Don’t forget to make sure that the email IDs for your Sugar users match those in your Google domain. 

3. Configure Sugar for SAML Authentication

Finally, when configuring Sugar to work with Google, you must:

  • Log into Sugar as an administrator and navigate to Admin > Password Management.
  • Scroll down to the SAML Authentication section and place a checkmark in the box next to "Enable SAML Authentication".

Enable SAML Authentication Screenshot

  • Click the "Import IdP Metadata File" button at the top of the page, locate the metadata file you saved in Step 5 of the Adding SAML Application in Google section, then click "Open".
  • The Login URL, Entity ID, and X509 Certificate fields will be auto-populated with information from Google. Optionally, complete any other desired fields on the setup page.

save SAML authentication settings screenshot

  • Click "Save" to preserve the settings...and you’re done! Your users can now log into their SugarCRM accounts automatically using SSO.

As you can see, SSO offers clear user experience, productivity, and cost-saving benefits that shouldn’t be overlooked. If you need assistance or have questions about configuring SSO with Google for Sugar, contact us today.

Get instant updates
in your inbox

Sign up and be the first to know when we publish a new article on our blog. Read our privacy policy.
Trustpilot