By Greg Keller Posted October 9, 2016
There are two thoughts when IT admins think of G Suite single sign-on:
The first is generally, “How do IT admins enable SSO into the G Suite of solutions?”
The second is, “How do users leverage their G Suite credentials to SSO into other IT resources?”
These are important questions for IT organizations given the prominent role that G Suite now plays in the enterprise. Over 2mm businesses rely on G Suite for their email hosting, file storage, productivity applications, and video conferencing. G Suite took the market by storm in the late 2000s and hasn’t really looked back since.
Google Apps for Work is Now G Suite
Google has continued to evolve the solution set – and, the name too (they’ve recently gone from Google Apps for Work to G Suite). For many of these organization, G Suite is one of their core solutions and virtually their entire business runs on it. This is often because each employee has an email address that is hosted with Google.
As a result, IT admins quickly think about how they can extend G Suite identities to be used throughout their organization and with other services. If the organization already has an SSO solution, IT wants to ensure that a user can quickly and easily SSO into G Suite.
This is largely an easy ask. All credible SSO solutions support G Suite logins. The second part of the question becomes a lot more tricky. Can you extend G Suite identities to work with other IT resources such as systems, applications, and networks?
The simple answer is not really. G Suite’s directory service isn’t really built that way.
Challenges Achieving G Suite Single Sign-On
You can, through SAML and OAuth, authenticate into a select number of web applications using G Suite. But the G Suite directory doesn’t authenticate systems, on-prem applications, a wide range of web applications, networks, and more. The G Suite user management system isn’t meant to be the core identity provider for an organization.
G Suite was designed to integrate with on-prem, legacy directory services tools such as Active Directory and OpenLDAP. Unfortunately, IT admins are loathe to leverage another on-prem system. They are trying to move to the cloud and away from on-prem systems.
The allure of the cloud is why G Suite is so popular to begin with. So forcing IT admins to integrate with AD or LDAP via their GADS tool is not what they are looking for. In fact, that’s why many G Suite customers have integrated with Directory-as-a-Service®.
Better SSO with a Directory-as-a-Service
This cloud identity management platform seamlessly integrates with G Suite and eliminates the need for AD or LDAP. Leveraging G Suite’s APIs, Directory-as-a-Service is the core, central user management platform for all G Suite users and enables SSO to systems, apps, and networks. In effect, the cloud hosted directory service is G Suite’s True Single Sign-On™ solution.
If you would like to learn more about how G Suite Single Sign-On works and what you can do to make your G Suite credentials the center of your IT organization, drop us a note. Or, feel free to give Directory-as-a-Service a try for yourself. Your first 10 users are free forever.