How to Sign into Dashlane with Google SSO

SSO is Single Sign-On, which ultimately just means, instead of using a new complex master password with your password manager, how could your team go about simply logging in with Google instead?

This would make Dashlane in some way feel like a Google password manager, but one with password sharing, team collaboration, more secure password functionality, and an alternative to Google authenticator 2FA functionality built right into Dashlane.

Setting up Google login (SSO) for your software is a huge value add to your team, getting everyone easy access to their Dashlane password manager, well, if you're technical enough to manage to get it working that is... 😅

As someone that literally started an IT company over a decade ago and ran it for over 5 years, I too struggle getting Google SSO working with my favorite apps.

So if you're anything like me, looking to enable Google login for your team (or should I call it IdP (Identity Provider), SAML (Security Assertion Markup Language), or SSO (Single Sign On), yeah, that's what I'm talking about, and we're here to help you set it up once and for all.

Enter all the benefits of Dashlane, without the downfalls that come with higher security!

If you haven't yet signed up for the Dashlane Business tier for your Dashlane account (required for SSO), you can sign up for your free 14 day trial with an additional Dashlane discount.

Once you're logged in, you're going to want to visit the admin console of Dashlane (you can access it by visiting your Dashlane password vault and pressing "Open Admin Console" in the bottom-left corner). From there, you can visit Single sign-on -> Confidential SSO:

This guide is specifically for Confidential SSO, not Self-hosted SSO

From here, you'll see the steps you need to complete and what information you need to copy/paste (some of it is universal, other parts, like the DNS verification, is unique to your account). We'll go through those steps below in this guide.

In the Google Workspace Admin console, select Apps → Web and mobile apps from the navigation. On the Web and mobile apps screen, select Add App → Add custom SAML app:

Add Custom SAML App in Google Admin Console

On the app details screen, give the application a unique Dashlane-specific name and select the Continue button.

For some reason the logo looks stretched, but upon saving it, it looks fine

You can use the beautiful Dashlane logo that we made right here:

Dashlane Logo

On the Google Identity Provider details screen, use Option 1 and Download Metadata:

You're going to want to open up the XML file it downloaded googleidpmetadata.xml and copy the contents and pasting them back in the Dashlane Admin console under Step 2:

This valid until date should be in the future

If the Valid Until date is not in the future, that means the certificate is expired. If the certificate is expired, that's fine, you can renew it later (after you complete setup), just continue for now—mind you, most people will not experience this:

You might get an expired certificate alert here—we'll deal with that later

Select Continue when you are finished.

On the Service provider details screen, configure the following fields:

On the Attribute mapping screen, select the Add Mapping button and construct the following mapping:

Mapping your attributes in Google Workspace Custom SAML App Setup

Google Directory attributes: Primary email

App attributes: email

Select Finish.

By default, Workspace SAML apps will be OFF for everyone. Open the User access section for the SAML app and set to ON for everyone or for specific Groups, depending on your needs:

Ensure it's turned on for everyone

Enter the email domain for your company and then select "Update Email Domain":

Enter your company email domain

Next, go to your DNS Provider and enter the following information as a DNS TXT record:

Copy/paste the TXT record info (unique to your account) into your domain DNS area

Update your DNS settings (we use Cloudflare to manage our DNS):

Example of TXT record filled out on Cloudflare

Then verify the DNS TXT record back in the Dashlane Admin SSO console:

Successfully verified Dashlane DNS TXT Record

Select the account for the domain you've set it up for:

Select your Google Workspace Account

And then it should successfully redirect you back to Dashlane with a success message:

SSO Test Connection Successful

If you get an error here saying to reach out to Dashlane support and you initially had an expired certificate in the Google Admin console, make sure that you updated the IdP metadata in Step 2 to the new certificate generated (otherwise you'll get an expired certificate message in the console logs). Refer above to the Certificate Expired step if this is the case for you.

Important Note: You'll need to contact Dashlane Support if you ever want to deactivate SSO after activating it:

Activate SSO

Success!

If your team members formerly had a Dashlane login, the next time they login, they'll be prompted with the following message to login via SSO (Google Login):

Google single sign-on (SSO) now enabled for everyone