You set SSO Google your service provider a number ways, depending your organization's needs. Google Workspace supports SAML-based OIDC-based SSO. SSO profiles, contain settings your IdP, give the flexibility apply SSO settings different users your organization.
A Cloud Identity Google Workspace account the top-level container users, groups, configuration, data. Cloud Identity Google Workspace account created a company signs for Cloud Identity Google Workspace corresponds the notion a tenant. Cloud Identity Google Workspace share common technical platform.
Google Workspace Admin. Integrate 3rd-party custom apps. Set SSO Google your identity provider. Set SAML-based SSO custom apps. . Download IDP metadata. Copy SSO URL Entity ID download Certificate (or SHA-256 fingerprint, needed).
To simplify user lifecycle management, organizations SSO synchronize user directory the IdP Google. sync place, (or deleted) users the IdP side automatically added deleted Workspace users. Google's Directory Sync supports Active Directory Entra ID. IdPs support sync Google.
Google one the largest identity providers the Internet. Users rely our identity systems log Google's offerings, well third-party apps services. our business customers, provide administratively managed Google accounts can used access Google Workspace, Google Cloud, BeyondCorp Enterprise.
When use SSO Cloud Identity Google Workspace, external IdP the SAML IdP Google the SAML service provider. Google implements SAML 2.0 HTTP POST binding. binding specifies authentication information exchanged the SAML IdP SAML service provider. following diagram illustrates example how .
Go the Admin console, click Security > Authentication > SSO third party IdP.; Set SSO profile following steps in Set SSO your organization. click Manage the title Manage SSO profile assignments.; Select OUs want disable SSO select under SSO profile assignment.; Save from bottom hand side.
Click Add Identity Provider dropdown menu, select Google. Enter Identity Provider Name* a display (i.e. Google OIDC). Google IdP URL*, enter https://accounts.google.com. Client ID*, paste the URL you copied your clipboard. Client Secret, paste the secret you copied your clipboard .
This official feed the Google Workspace team essential information new features improvements Google Workspace customers. . Multi-IdP SSO beta lets set SSO profiles each your third-party identity providers, giving the flexibility specify authentication method various users your .
After choose external key servicefor Google Workspace Client-side encryption (CSE), need connect Google Workspace an identity provider (IdP)—either third-party IdP Google identity. encryption key service chose encrypt content use IdP authenticate users they encrypt content access encrypted content.
Reference architectures | Cloud Architecture Center | Google Cloud
