As an admin, you can set up Google Workspace single sign-on (SSO) for your plan members with SAML.
Before you start
Open and log in to these platforms with your admin accounts:
- The Dashlane Admin Console
- The Google Workspace Admin Console
- Your Public DNS provider account
- Your Encryption Service account—Azure or AWS
Time to complete SSO setup: 15 minutes
Set up SSO
- Set up the Dashlane encryption service.
Copy the URL from the encryption service setup, open a new tab in your browser, and paste the URL into the address bar. A Dashlane page appears to confirm that the encryption service is set up.
Note: If this confirmation doesn't appear, make sure you completed the encryption service setup.
- Open the Dashlane Admin Console, select Settings, Single sign-on, and Set up for SSO settings.
- In the Verify your company email domain section, enter your company email domain and then select Add domain to see the new HOSTNAME and TXT VALUE
- Go to your Public DNS provider account and create a new TXT record. The exact steps vary depending on your provider.
- Return to the Dashlane Admin Console, Copy the HOSTNAME and TXT VALUE, and paste this information into the new TXT record you created in your Public DNS provider. Save your changes.
- In the Verify your company email domain section, select Verify next to your company's domain name.
- Wait a few minutes for the DNS record to be replicated throughout the internet. A green checkmark appears to verify your company email domain. In rare cases, it could take up to 24 hours. Continue to select Verify until the green checkmark appears.
- Repeat steps 3-7 to add more company email domains.
Note: You can’t link multiple SSO providers to a single Dashlane plan.
- Open the Google Workspace Admin Console, select the Apps drop-down list and then Web and mobile apps.
- Select the Add app drop-down list and then Add custom SAML app.
- In the App details page, enter "Dashlane" for App name, "Dashlane SSO" for Description, and upload the Dashlane logo for the App icon.
- Select CONTINUE.
- Select CONTINUE again to confirm the Google Identity Provider details page.
- Select the Copy icon to copy the Entity ID, return to the Google Workspace Admin Console and paste it into the Entity ID section. Then, copy the Assertion Consumer Service URL from Dashlane and paste it into ACS URL section in the Google Workspace Admin Console.
- Select CONTINUE.
- Select FINISH.
- In the Dashlane app you just created in Google Workspace, select OFF for everyone in the User access section.
- In the Service status section, select ON for everyone and then SAVE.
- Select DOWNLOAD METADATA.
- Select DOWNLOAD METADATA again.
- Open the XML metadata file that was downloaded to your computer in an application like TextEdit for Mac or Notepad for Windows.
- Select all and copy the contents of the XML file.
- Return to the Dashlane Admin Console, paste the contents of the XML file into the Add identity provider metadata section and select Save changes.
- In the Test the SSO connection section in Dashlane, select Test connection for any of the groups or people you assigned including yourself. A SUCCESS message appears if SSO was set up as expected. To test with an individual member, select Copy test URL and send it to that member to open. That member enters their SSO Email and Password. If MFA is enabled, the member also logs into that.
- When you're ready to enable SSO, return to the Dashlane Admin Console and select Enable SSO.
Once enabled, all non-admin plan members are converted to SSO members the next time they log in. Members enter their Master Password for the last time and use SSO going forward.
Any new members invited to your Dashlane plan won't have a Master Password and will only use their SSO to log in.
All members who use SSO are automatically redirected to the SSO login flow.