Overview
This guide walks you through configuring Google as the Identity Provider (IdP) for Maxim using SAML 2.0. You will:- Create a custom SAML app in Google Admin Console
- Download IdP metadata
- Configure service provider details (ACS URL, Entity ID)
- Map user attributes
- Enable user access
- Upload metadata to Maxim and test SSO
Prerequisites
- Google Workspace Super Admin access
- Maxim AI admin access
- SAML-based Single Sign-On (SSO) enabled for your plan. Check plans for more details.
Step-by-Step Setup
1
Create a custom SAML app in Google
- In Google Admin Console, go to Apps → Web and mobile apps
- Click “Add app” → “Add custom SAML app”
2
Application details
Enter an app name (e.g., “Maxim AI”), optionally upload an icon and click “Continue”
3
Download IdP metadata
On the Google IdP details screen:
- Click “DOWNLOAD METADATA” to get the IdP metadata XML and click “Continue”
4
Configure service provider details
- Single sign-on URL (ACS URL):
https://app.getmaxim.ai/api/oauth/saml - Audience URI (Entity ID):
www.getmaxim.ai
5
Attribute mapping
Under the Attributes section, add the following mappings:
- email → Primary email
- firstName → First name
- lastName → Last name
6
Enable user access
From the app’s “User access” section:
- Turn the app ON for everyone, or
- Turn ON for selected Organizational Units (OUs) / Groups as needed
7
Complete the setup in Maxim
- Log in to Maxim AI, go to Settings → Single sign-on, and click “Add identity provider”
- Enter your email address domain as the tenant identifier
- Enter “Google” as the name for the identity provider
- Paste the IdP metadata XML and click “Add provider”
