Made in

Join us for the biggest Figma-to-code launch of the year logo
Talk to Us
Talk to Us










Visual CMS

Drag-and-drop visual editor and headless CMS for any tech stack

Theme Studio for Shopify

Build and optimize your Shopify-hosted storefront, no coding required



Get StartedLogin

enterprise plans

Builder supports the industry standards, Security Assertion Markup Language (SAML) and OpenId Connect (OIDC). This means that single sign-on (SSO) integrates with any identify providers that support either. 

This document covers how to integrate Google Workspace with SAML.

Setting up SSO is a two-part effort in which you and coordinate.

  1. Email Builder support at to enable SSO.
  2. Continue with the rest of the instructions in this document while we configure things on our end.

While we enable SSO for your Organization, you can start setting up the SAML App in Google Admin. For more detailed instructions, follow the Google guide, Set up your own custom SAML application: Using SAML-based SSO.

1. Navigate to your Google Admin account and visit your Apps page.

2. Click on SAML Apps.

3. Click the “+” icon or link to create a new app, then select the option at the bottom for Setup my own custom app.

4. Save your SSO URL, Entity Id, and download your certificate, then click Next.

5. In the form that opens, enter the name of the App (such as, builder-io), a description (such as, Drag-and-drop Visual CMS”).

6. Add the Builder logo. Click the image below to open the logo in a new tab if needed.

Builder Logo

7. On the next screen, enter the Builder SAML information:

  • ACS URL:
  • Entity ID:

8. Save service.

8. After you create the SAML app, make sure you turn it on for all users or the group of users you would like to enable access for.

With SSO enabled on your Builder account and an app, you can add your SSO details:

  1. Go back to your Builder Organization page.
  2. Enter the SAML information from your Google account above (SSO URL, Entity Id, and the certificate you downloaded).
  3. When choosing an SSO Name be aware that this is a unique name across all organizations in Builder, and it will be used to access your unique SSO login page; for example, Choose something that is easy to bookmark or remember for you and your colleagues.

Due to recent browser updates, if you previously used the Firebase URL, you must update your authentication domain for SSO to ensure compatibility and security.

To accommodate these changes while maintaining existing SSO configurations, use the new URL as well as the authDomain=new param with the login URL:

  1. Replace the previous Assertion Consumer Service (ACS) URL of with the new domain This applies to both SAML and OIDC configurations and must be updated in the Identity Provider (IdP) settings.
  2. Append the query parameter authDomain=new to the login URL. For example, a bookmarked login URL would be formatted as

Omitting this query parameter will result in incompatibility with the new custom domain. Consequently, SSO may not function with the latest versions of browsers such as Firefox and Safari.

For IdP-initiated logins, the login URL provided by the IdP must also include the authDomain=new parameter to ensure seamless integration.

For more information on adding Builder to your Okta dashboard with the new authentication domain, read Adding Builder to your Okta dashboard.

Looking to hire a third party to help with your project?

Submit a project request and our partnerships team will reach out to connect you with an Expert from our partner ecosystem.

Connect with us

Was this article helpful?


Visual CMS

Theme Studio for Shopify

Sign up


Featured Integrations





Get In Touch

Chat With Us




© 2020, Inc.


Privacy Policy

Terms of Service

Get the latest from


Developer Newsletter

Latest tips, tricks, and news for frontend developers from our blog

Product Newsletter

Latest features and updates on the platform

By submitting, you agree to our Privacy Policy