Configuring Loggly Single Sign On (SSO) for Google
Step 1: Creating the Custom Group Attribute
From your GSuite Admin page, click the Users icon
From Users list page, click on More drop down menu and select Manage custom attributes
Click on Add custom attribute
Add custom field using the information below and save
Go back to the Users list page https://admin.google.com/ac/users, select one of the users and click the User information section
Scroll down to External Groups and enter the name of the external group you’ve created from third step and click Save
Step 2: Create SSO App
Select SAML App and click on ‘+’ to add new SAML App:
On the page that opens select "Add a service/App to your domain and then "Setup My Own Custom App":
On the ‘Google IdP Information’ screen, download the IDP metadata under ‘Option 2’. We will need you to send the metadata to Loggly.
Name the application, e.g. ‘Loggly SSO’:
Add your relaying party information:
- ACS URL:
- Entity ID:
- Start URL:
Enter the following attributes (lastname, firstname, emails, groups):
Turn On the SAML App:
Step 3: Provide key information to Loggly
Provide the following information to Loggly (captured in the previous 2 steps):
- IDP metadata file
- Group mapping information (optional). See Step 1.
Loggly controls user access through SSO via group membership mappings. In order to access the product, each user must be a member of at least one mapped group. Groups may map to one of two privilege levels, "user" or "administrator". A user belonging to multiple groups will receive the highest privileges among any of their groups.
If you don’t wish to provide this information, we will use the following default mapping:
When the APM Integrated Experience is enabled, Loggly shares a common navigation and settings with the other integrated experiences' products. How you navigate Loggly and access its features may vary from these instructions. For more information, go to the APM Integrated Experience documentation.