From 023de149e628c3a918a9ec3859812f85de5bc209 Mon Sep 17 00:00:00 2001 From: Ana <80057853+anaerquicia@users.noreply.github.com> Date: Mon, 20 Apr 2026 09:31:40 +0200 Subject: [PATCH] Update google.mdx --- .../access-security/single-sign-on/google.mdx | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/pages/docs/access-security/single-sign-on/google.mdx b/pages/docs/access-security/single-sign-on/google.mdx index 84ea4f7408..001fac772f 100644 --- a/pages/docs/access-security/single-sign-on/google.mdx +++ b/pages/docs/access-security/single-sign-on/google.mdx @@ -5,11 +5,11 @@ Before using this document, read the [general Mixpanel SSO set-up instructions](/docs/access-security/single-sign-on). -You have two setup options in order to use Single Sign-On (SSO) for Mixpanel through Google Workspace IDP: +You have two setup options to use Single Sign-On (SSO) for Mixpanel through Google Workspace IDP: -A. For most use cases, you can use the **Mixpanel app** within Google Workspace app store +A. For most use cases, you can use the **Mixpanel app** within Google Workspace's app store. -B. If you have a more custom setup, follow Google Workspace's documentation on setting up a new application to create a custom Mixpanel app. +B. If you have a custom setup, follow Google Workspace's documentation on setting up a new application to create a custom Mixpanel app. ### Configure SSO in Mixpanel @@ -29,7 +29,7 @@ A. If you use the Mixpanel app from the store, the following SAML configuration ![use_existing_app](https://github.com/user-attachments/assets/4d42cf48-9b1e-4be2-8b56-ec76edaad118) -B. If you create a custom app, you must fill the form found in the **Configure SAML** menu in Google Workspace. Make sure that the following fields are adjusted to exactly match the corresponding values: +B. If you create a custom app, you must fill out the form found in the **Configure SAML** menu in Google Workspace. Make sure that the following fields are adjusted to exactly match the corresponding values: - **ACS URL:** https://sso.mixpanel.com/sso/saml2 - **Entity ID:** https://mixpanel.com/security/sso/v2/authorize/ @@ -39,13 +39,13 @@ The following screenshot highlights what you should place in the fields: ![custom_saml_app](https://github.com/user-attachments/assets/be8660ff-084f-409e-9dec-49e17b7563e6) -Additionally, it is required that you use `email` as an attribute statement, other attributes we recommend include `firstName` and `lastName`. +Additionally, it is required that you use `email` as an attribute statement; other attributes we recommend include `firstName` and `lastName`. ![attr_mapping](https://github.com/user-attachments/assets/b10ea8bf-ff1a-4270-8b97-0d078ae46fde) ### Obtain Information From Google Workspace -In order to configure Mixpanel use with Google Workspace, you must first obtain your **Public Certificate**, **SSO URL**, and **Entity ID**. +To configure Mixpanel use with Google Workspace, you must first obtain your **Public Certificate**, **SSO URL**, and **Entity ID**. To access this information, access the Mixpanel app in Google Workspace (or create a custom app) first select **DOWNLOAD METADATA**. Then, grab the **SSO URL** and **Entity ID** as well as the certificate to upload in Mixpanel (we recommend adding the expiration date to the file name to make it easier to manage in Mixpanel). @@ -57,10 +57,12 @@ From Mixpanel, navigate to your **Organization Settings** and then the **Access ![sso_settings_in_mp](https://github.com/user-attachments/assets/e97be4c6-dc1f-44d1-adb4-530679bca9ba) -Optionally toggle **Require Single Sign-On** to prevent your users from logging in with a username and password. Organization Owners and Admins will still be able to log in using username and password in case SSO is not set up correctly. +Optionally, toggle **Require Single Sign-On** to prevent your users from logging in with a username and password. Organization Owners and Admins will still be able to log in using username and password in case SSO is not set up correctly. -#### Troubleshooting +### Troubleshooting 1. If a Mixpanel account has already been created with the Google Workspace user's email (their Google Workspace Username) and that account is **not a member** of your Mixpanel organization, provisioning setup for that Google Workspace user will fail. To resolve this, manually invite the existing user to your organization. 2. Provisioning will also fail if the domain of the user's email has not been claimed by your organization. To resolve this, manually invite the existing user to your organization. + +3. If seeing the "Error 403: app_not_configured" message when trying to log in, please follow [these instructions](https://knowledge.workspace.google.com/admin/apps/saml-app-error-messages#403_app_not_configured) to grant the necessary permissions to the user's account.