# Google Workspace (GSuite)

For setup instructions, we recommend clients first follow our SAML instructions here:

{% content-ref url="saml" %}
[saml](https://docs.appetize.io/account/single-sign-on/saml)
{% endcontent-ref %}

Once basic SAML integration has been set up, there are a few additional steps required in order for a user's assigned roles to be contained in the SAML response from your server.

## SSO configuration in Google Workspace

<figure><img src="https://2147444700-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJUveBCJfn0GR8-hlqi%2Fuploads%2FLPOxRlLu8S5Ym7IOn8S9%2Fgoogle_workspace_appetize_sso_configuration_1.png?alt=media&#x26;token=0b2c6e3e-3df1-4f44-8709-242e6b48cb00" alt=""><figcaption><p>ACS URL and Start URL will be provided by Appetize.io</p></figcaption></figure>

## Configure a new Role on the user object

<figure><img src="https://2147444700-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJUveBCJfn0GR8-hlqi%2Fuploads%2FNFicznIT1TIZJ1feSaMk%2Fgoogle_workspace_appetize_sso_configuration_2.png?alt=media&#x26;token=46985a8b-ac9b-4150-8c23-d7fdbaf6ccfe" alt=""><figcaption><p>Define the Appetize_role (or name it as you wish)</p></figcaption></figure>

## Map the newly defined role to the App attribute "groups"

<figure><img src="https://2147444700-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJUveBCJfn0GR8-hlqi%2Fuploads%2FbFphSbLa5Ee6wYZkvER4%2Fgoogle_workspace_appetize_sso_configuration_3.png?alt=media&#x26;token=7985f458-dde1-4b67-92fe-74a8dc473df1" alt=""><figcaption><p>Map user role to "groups" attribute</p></figcaption></figure>