I’m attempting to setup Google through Cloudflare Access SaaS and I’m using the following directions.
More info about Google SSO Profiles
I’m deviating slightly in that I’m wanting to use a SSO Profile in Google rather than setting the entire Google Workspace tenant to use Cloudflare SSO.
Google gives me a separate Entity ID and ACS URL to use when using a SSO profile, which I plug into their respective fields in Cloudflare. I’m just getting 500 errors when logging into Google via Cloudflare.
I’m using a separate idP that is NOT Google as well.
Has anyone set this up before using SSO Profiles vs the entire SSO for the whole organization?
I’m not sure if Cloudflare Access is hard coded to look at https://www.google.com/a/<your_domain.com>/acs?
My example ACS URL is:
https://accounts.google.com/samlrp/acs?rpid=xxxxxxxxxxxxxxx
My example Entity ID is:
https://accounts.google.com/samlrp/metadata?rpid=xxxxxxxxxxxxxxxx
I do have Azure AD setup using an SSO Profile in Google Workspace and that works without issue. So I’m guessing either I’m doing something wrong or Cloudflare Access doesn’t support SSO Profiles at this time.
Thank you in advance for your help! 