Directory-as-a-Service® – Primary G Suite Identity Provider?

Written by Greg Keller on April 6, 2017

Share This Article

G Suite has become one of the hottest cloud platforms on the planet, but it isn’t without competition. Microsoft Office 365 is making it interesting, and for cloud infrastructure, AWS is the current market share leader.

The shift to the cloud is creating a new conversation around cloud identity management solutions. How do IT admins securely connect and manage user access to a wide variety of resources? One solution is emerging as a viable candidate to be the G Suite identity provider as well as other cloud and on-prem IT resources. We’re talking about Directory-as-a-Service.

Why G Suite isn’t a Full Identity Provider

G Suite fail

G Suite Directory is already in place and Google Identity Management Services are being talked about. Consequently, IT admins ask: Why can’t those Google solutions integrate to become the cloud identity management platform for my organization? The answer is quite simple. G Suite Directory – previously known as Google Apps Directory – was never meant to be a replacement for Microsoft Active Directory. Google approaches IDaaS as a user management platform for Google Apps and a select few web applications. While G Suite Directory may be a SAML identity provider in the narrowest sense of the definition, it is not meant to be an identity provider for an entire organization.

How to Integrate G Suite with a Cloud Directory

G Suite JumpCloud Integration

A tight and seamless integration with G Suite makes Directory-as-a-Service the primary identity provider to Google Apps, on-prem systems, cloud applications and infrastructure, WiFi networks, and much more. Through the cloud directory service, IT admins can manage user identities across G Suite and virtually all of their IT resources. This happens regardless of platform, protocol, provider, or location. In short, integrating G Suite with Directory-as-a-Service gives IT organizations the chance to eliminate Microsoft Office, Exchange, and Active Directory, if they so desire.

Walkthrough: G Suite Integration

  • Sign up for JumpCloud® and connect to your G Suite account. (You’ll need a superadmin user account, with API access turned on in G Suite to do so.)
  • Import Users – either from G Suite or through the JumpCloud Directory-as-a-Service platform.
  • Provision, Deprovision, or Update Users in JumpCloud – any changes in JumpCloud are automatically propagated to G Suite. Everything is instantly synchronized with centralized control. New users provisioned in JumpCloud can be automatically provisioned in G Suite. A user that is removed from the core directory will also have their account disabled in G Suite. A password update in JumpCloud syncs with G Suite.

The beauty of this approach is that your users’ G Suite credentials can now used on their Mac, Windows, or Linux device for login. AWS cloud servers can also be managed with the same credentials. On-prem applications that authenticate with LDAP are integrated as well. Also, web applications leverage True Single Sign-On™ capabilities and are tied to the identity provider.

Beyond serving as the core identity provider, and similar to Microsoft Active Directory, Directory-as-a-Service also ends up handling system management activities. Examples include cross-platform GPOs, and multi-factor authentication.

Make G Suite Identity Provider Your Primary with JumpCloud

Drop us a note to learn more about how Directory-as-a-Service is becoming the G Suite identity provider. We’d be happy to walk you through the benefits of G Suite vs Office 365. And show you how our cloud identity management platform can eliminate Active Directory. Finally, feel free to try out our IDaaS solution for yourself. Your first 10 users are free forever.

Continue Learning with our Newsletter