1

We have G Suite as an identity provider in our company. Some of users also use Azure and Office 365. We want to be able to login by using Google account to Azure Ad and later have this account in AD and assign roles and groups in AD and whole Azure. We want to change passwords in Google etc.

How to setup SSO from Google to Azure?

Deepak Bolla
  • 93
  • 7

1 Answers1

0

Azure AD supports the concept of Identity Providers for External Identities. You can read about it here on Microsoft Docs.

You could enable users from identity providers like :

  • Google
  • Facebook
  • Direct federation (to external identity providers that support SAML or WS-Fed protocols)

Since you specifically mention G suite as an identity provider in your company, Direct federation may be the most relevant one for you. I say this because using Google federation directly is designed for Gmail accounts as mentioned in the note here on Microsoft Docs

enter image description here

How to setup Direct Federation is explained in detail here on Microsoft Docs

Please note that

  1. This feature is currently in Preview
  2. There some important limitations in terms of domain requirements and authentication URL as stated here on Microsoft Docs
Rohit Saigal
  • 9,317
  • 2
  • 20
  • 32