For setup instructions, we recommend clients first follow our SAML instructions here:

Once basic SAML integration has been set up, there are a few additional steps required in order for a user's assigned roles to be contained in the SAML response from your server.

SSO configuration in Google Workspace

Configure a new Role on the user object

Map the newly defined role to the App attribute "groups"