Google IDaaS SAML Authentication

Written by Greg Keller on January 23, 2017

Share This Article

A core part of Google’s IDaaS approach has been SAML authentication. SAML is one of the authentication protocols in use for web application single sign-on. Google’s G Suite platform recently released integrations via SAML for a select few web applications. The approach to web SSO is a complement to Google’s previous identity management efforts with OAuth.

Aspirations vs. Achievements

Google’s aspirations may be to leverage Google identities, or more specifically, G Suite identities as the core credentials that access IT resources. Yet Google’s approach to IDaaS is really a user management platform for their own Google Apps and some web applications.

What’s missing is any authentication process for on-prem systems or applications, integration with other major providers, such as AWS or Azure, and other historically popular authentication protocols, such as LDAP, RADIUS, or Kerberos.

Does G Suite Directory Replace Active Directory?

Google is leveraging their strength in web applications to provide an identity management platform that looks a lot like web application SSO, which is often defined as a first-generation IDaaS solution. Microsoft Active Directory has held a virtual monopoly in the identity management space. So it would make sense for Google to compete with them head-on for business. Since G Suite is already going head-to-head with Microsoft Exchange and Office, it would be logical for G Suite Directory to be a replacement to Active Directory.

However, that’s not the approach that Google has taken with their identity management strategy. As a user management system for Google Apps and a web application SSO with SAML and OAuth protocol integration, Google has been targeting an approach where IT admins need to have multiple solutions to manage their identities. This has historically meant that they would encourage their customers to leverage Active Directory on-prem.

One Directory to Rule Them All®

With the introduction of a next-generation IDaaS platform called Directory-as-a-Service®, IT admins no longer have to keep one part of their infrastructure on-prem while they move to G Suite or Google Cloud. Directory-as-a-Service is a cloud-hosted directory service that replaces Active Directory. As a virtual identity provider, it securely manages and connects user identities with systems, applications, and networks whether on-prem or in the cloud. IT resources can be Mac, Linux, Windows, G Suite, Office 365, and AWS, among others.

Beyond the Limitations of Google IDaaS SAML Authentication

IT admins don’t need to be limited with Google IDaaS SAML authentication capabilities. Directory-as-a-Service is seamlessly integrated with G Suite and enables a user to leverage their G Suite credentials across their laptop, cloud servers, on-prem applications, web apps, WiFi, and more.

If you would like to learn more about Google IDaaS SAML authentication, drop us a note. Also, give our IDaaS platform a try. As a True Single Sign-On solution connecting to a wide range of IT resources, it might be a great fit with your G Suite implementation.

Continue Learning with our Newsletter