G Suite SSO Vs ADFS

By Rajat Bhargava Posted March 13, 2017

Now that G Suite has jumped into the single sign-on game, how does G Suite SSO stack up vs. Microsoft ADFS?

ADFS – Microsoft’s Active Directory® Federation Services – is their way of enabling single sign-on to web applications. It’s installed on-prem with Active Directory.

But the truth is that ADFS doesn’t really solve an organization’s SSO issues. While integrated with Active Directory, IT admins are looking to make the leap to the cloud with an IDaaS that is a True Single Sign-On solution.

G Suite Directory: An Incomplete SSO Solution

google directory incomplete

Formerly known as Google Apps for Work, G Suite is trying to enable web application access through G Suite identities.

First, Google started with OAuth. OAuth requires web applications to integrate with G Suite and rely on their identities for access to their application. Many web applications weren’t too excited about giving Google control over their users’ access to their applications.

Then, G Suite released their SAML integration. Of course, SAML provides more robust authentication and integration, but G Suite only supports a handful of different web applications.

The bottom line:  G Suite directory is an incomplete SSO solution at best, and it’s a weak overall identity provider.

ADFS: Not Designed for Web App SSO

replace Active Directory

ADFS is a solution to provide trust between two organizations. The goal is for a user of Company A to be able to log into services from Company B. While this can be used for SSO to web applications, it is a heavy solution chiefly aimed at integration between two partner organizations.

Like most Microsoft back-end solutions, this has been engineered for large enterprises that have partnerships between organizations that need to allow access to each other. ADFS has historically been painful to set up and implement. The solution doesn’t scale with the number of third-party organizations that your business would like to connect to. The work is on your side rather than the provider’s side.

JumpCloud® – A True SSO™ Platform

True Single Sign-On

Both G Suite SSO and ADFS leave a great deal to be desired from the process of single sign-on. Directory-as-a-Service® is a True Single Sign-On platform that tightly integrates with G Suite and provides G Suite identities to an organization as their central core. In fact, Directory-as-a-Service enables G Suite identities to be used for access to a user’s laptop or desktop (Windows, macOS, Linux), AWS cloud servers, on-prem applications, web applications, and the WiFi network.

Think of Directory-as-a-Service as a replacement to Active Directory and ADFS. You could also look at it as a companion tool to G Suite. Whereas G Suite replaces Microsoft Exchange and Office, the cloud-hosted directory replaces AD.

Achieve True SSO with G Suite & JumpCloud

JumpCloud G Suite Integration

If you would like to learn more about how G Suite SSO compares to ADFS, drop us a note. We’d be happy to walk you through the pros and cons as well as how IDaaS fits into the equation. Finally, sign up for a free account and your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Recent Posts