You can simplify logging into Chromebooks by enabling Wonde as your Identity Provider. You will need an administrator account for your school's GSuite in order to complete these steps. Start by visiting https://admin.google.com and logging in with this administrator account.

Required Settings

  1. Navigate to Security > Set up single sign-on (SSO)

  2. Enable Setup SSO with third party identity provider

  3. For Sign-in page URL & Sign-out page URL enter https://edu.wonde.com/chrome-os

  4. Download our Identity Provider certificate from https://wonde.com/idp-public-cert.pem

  5. Upload the certificate under Verification certificate and then click Save

  6. Enable Use a domain specific issuer

  7. Optionally, for Network masks, if you want to restrict the use of Wonde SSO to only a subset of your users then enter one more CIDR notation network masks (see https://support.google.com/a/answer/6369487 for more information)

  8. At the bottom of the section, click Save

  9. Navigate to Devices > Chrome devices > Chrome (on the breadcrumb in the top left corner) > Device settings (Please skip to step 15 if you're not setting up Wonde as an IdP for Chrome OS devices)

  10. Select the OU you are using for your Wonde SSO enabled Chromebook.

  11. Under Single Sign-On IdP Redirection, set Redirect users to SAML SSO IdP to Allow users to go directly to SAML SSO IdP page

  12. Under Single Sign-On Camera Permissions, add https://edu.wonde.com

  13. Under User data select Erase all local user data

  14. At the bottom of the section, click Save

  15. Navigate to Devices > Chrome devices > Chrome (on the breadcrumb in the top left corner) > User & browser settings

  16. Under Cookies set Default Cookie Setting to Allow sites to set cookies

  17. At the bottom of the section, click Save

Additional Settings

We recommend configuring the settings below for the best possible user experience when logging into a Chromebook via Wonde.

  1. Navigate to Device Management > Chrome Management > User Settings

  2. Select the OU containing the Wonde users who will be logging in with Chromebooks

  3. Under Lock Screen, set Lock Screen to Do not allow locking screen

  4. Under Idle Settings, set Action on idle to Logout, Action on lid close to Logout, Lock screen on sleep to Lock screen

  5. Under Single Sign-On, set SAML-based Single Sign-On for Chrome Devices to Enable SAML-based Single Sign-On for Chrome Devices

  6. Under Pages to Load on Startup enter https://edu.wonde.com

  7. At the bottom of the section, click Save

Did this answer your question?