User Guide Cancel

Authenticate your users with Google Federation

Search
  1. Adobe Enterprise & Teams: Administration guide
  2. Plan your deployment
    1. Basic concepts
      1. Licensing
      2. Identity
      3. User management
      4. App deployment
      5. Admin Console overview
      6. Admin roles
    2. Deployment Guides
      1. Named User deployment guide
      2. SDL deployment guide
      3. Deploy Adobe Acrobat 
    3. Deploy Creative Cloud for education
      1. Deployment guide
      2. Enable Adobe Express in Google Classroom
      3. Integration with Canvas LMS
      4. Integration with Blackboard Learn
      5. Configuring SSO for District Portals and LMSs
      6. Add users through Roster Sync
      7. Kivuto FAQ
      8. Primary and Secondary institution eligibility guidelines
  3. Set up your organization
    1. Identity types | Overview
    2. Set up identity | Overview
    3. Set up organization with Enterprise ID
    4. Setup Azure AD federation and sync
      1. Set up SSO with Microsoft via Azure OIDC
      2. Add Azure Sync to your directory
      3. Azure Connector FAQ
    5. Set up Google Federation and sync
      1. Set up SSO with Google Federation
      2. Add Google Sync to your directory
      3. Google federation FAQ
    6. Set up organization with Microsoft ADFS
    7. Set up organization for District Portals and LMS
    8. Set up organization with other Identity providers
      1. Create a directory
      2. Verify ownership of a domain
      3. Add domains to directories
    9. SSO common questions and troubleshooting
      1. SSO Common questions
      2. SSO Troubleshooting
      3. Education common questions
  4. Manage your organization setup
    1. Manage existing domains and directories
    2. Enable automatic account creation
    3. Set up organization via directory trust
    4. Migrate to a new authentication provider 
    5. Asset settings
    6. Authentication settings
    7. Privacy and security contacts
    8. Console settings
    9. Manage encryption  
  5. Manage products and entitlements
    1. Manage users
      1. Overview
      2. Administrative roles
      3. User management techniques
        1. Manage users individually   
        2. Manage multiple users (Bulk CSV)
        3. User Sync tool (UST)
        4. Microsoft Azure Sync
        5. Google Federation Sync
      4. Change user's identity type
      5. Manage user groups
      6. Manage directory users
      7. Manage developers
      8. Migrate existing users to the Adobe Admin Console
      9. Migrate user management to the Adobe Admin Console
    2. Manage products and product profiles
      1. Manage products
      2. Manage product profiles for enterprise users
      3. Manage automatic assignment rules
      4. Review product requests
      5. Manage self-service policies
      6. Manage app integrations
      7. Manage product permissions in the Admin Console  
      8. Enable/disable services for a product profile
      9. Single App | Creative Cloud for enterprise
      10. Optional services
    3. Manage Shared Device licenses
      1. What's new
      2. Deployment guide
      3. Create packages
      4. Recover licenses
      5. Migrate from Device Licensing
      6. Manage profiles
      7. Licensing toolkit
      8. Shared Device Licensing FAQ
  6. Manage storage and assets
    1. Storage
      1. Manage enterprise storage
      2. Adobe Creative Cloud: Update to storage
      3. Manage Adobe storage
    2. Asset migration
      1. Automated Asset Migration
      2. Automated Asset Migration FAQ  
      3. Manage transferred assets
    3. Reclaim assets from a user
    4. Student asset migration | EDU only
      1. Automatic student asset migration
      2. Migrate your assets
  7. Manage services
    1. Adobe Stock
      1. Adobe Stock credit packs for teams
      2. Adobe Stock for enterprise
      3. Use Adobe Stock for enterprise
      4. Adobe Stock License Approval
    2. Custom fonts
    3. Adobe Asset Link
      1. Overview
      2. Create user group
      3. Configure Adobe Experience Manager Assets
      4. Configure and install Adobe Asset Link
      5. Manage assets
      6. Adobe Asset Link for XD
    4. Adobe Acrobat Sign
      1. Set up Adobe Acrobat Sign for enterprise or teams
      2. Adobe Acrobat Sign - Team feature Administrator
      3. Manage Adobe Acrobat Sign on the Admin Console
    5. Creative Cloud for enterprise - free membership
      1. Overview
      2. Getting started
  8. Deploy apps and updates
    1. Overview
      1. Deploy and deliver apps and updates
      2. Plan to deploy
      3. Prepare to deploy
    2. Create packages
      1. Package apps via the Admin Console
      2. Create Named User Licensing Packages
      3. Adobe templates for packages
      4. Manage packages
      5. Manage device licenses
      6. Serial number licensing
    3. Customize packages
      1. Customize the Creative Cloud desktop app
      2. Include extensions in your package
    4. Deploy Packages 
      1. Deploy packages
      2. Deploy Adobe packages using Microsoft Intune
      3. Deploy Adobe packages with SCCM
      4. Deploy Adobe packages with ARD
      5. Install products in the Exceptions folder
      6. Uninstall Creative Cloud products
      7. Use Adobe provisioning toolkit enterprise edition
      8. Adobe Creative Cloud licensing identifiers
    5. Manage updates
      1. Change management for Adobe enterprise and teams customers
      2. Deploy updates
    6. Adobe Update Server Setup Tool (AUSST)
      1. AUSST Overview
      2. Set up the internal update server
      3. Maintain the internal update server
      4. Common use cases of AUSST   
      5. Troubleshoot the internal update server
    7. Adobe Remote Update Manager (RUM)
      1. Use Adobe Remote Update Manager
      2. Channel IDs for use with Adobe Remote Update Manager
      3. Resolve RUM errors
    8. Troubleshoot
      1. Troubleshoot Creative Cloud apps installation and uninstallation errors
      2. Query client machines to check if a package is deployed
      3. Creative Cloud package "Installation Failed" error message
    9. Create packages using Creative Cloud Packager (CC 2018 or earlier apps)
      1. About Creative Cloud Packager
      2. Creative Cloud Packager release notes
      3. Application packaging
      4. Create packages using Creative Cloud Packager
      5. Create named license packages
      6. Create packages with device licenses
      7. Create a license package
      8. Create packages with serial number licenses
      9. Packager automation
      10. Package non-Creative Cloud products
      11. Edit and save configurations
      12. Set locale at system level
  9. Manage your account
    1. Manage your Teams account
      1. Overview
      2. Update payment details
      3. Manage invoices
      4. Change contract owner
      5. Change reseller
    2. Assign licenses to a Teams user
    3. Add products and licenses
    4. Renewals
      1. Teams membership: Renewals
      2. Enterprise in VIP: Renewals and compliance
    5. Automated expiration stages for ETLA contracts
    6. Switching contract types within an existing Adobe Admin Console
    7. Purchase Request compliance
    8. Value Incentive Plan (VIP) in China
    9. VIP Select help
  10. Reports & logs
    1. Audit Log
    2. Assignment reports
    3. Content Logs
  11. Get help
    1. Contact Adobe Customer Care
    2. Support options for teams accounts
    3. Support options for enterprise accounts
    4. Support options for Experience Cloud

Configure Single Sign-On (SSO) with Google Admin Console to manage users and entitlements for your Adobe apps and services. In this scenario, Adobe Admin Console uses Google as the Identity Provider (IdP). 

Google federation combines directory creation, domain claim, and SSO-setup into a simple workflow in the Google Admin Console and Adobe Admin Console. Google directory users linked with the Adobe Admin Console are unique and can be assigned to one or more product profiles.

Note:

If your organization has a Google SAML federation setup, you'll automatically get a Google OIDC federation configuration in the Authentication tab. If you Remove the OIDC configuration, the system automatically recreates the configuration as soon as a user from the associated directory signs in using Continue with Google option.

You can Disable the Google OIDC configuration to prevent the users from signing in using Continue with Google. Once disabled, the system won't create a new Google OIDC configuration.

Authenticate users with Google federation | YouTube video

Prerequisites

To integrate Adobe Admin Console user management with Google Admin Console, your organization needs the following:

  • You are an administrator in the Google Admin Console
  • You have verified domains in the Google Admin Console
  • You are familiar with Google's SAML Apps catalog in Google Workspace

Create a directory in the Adobe Admin Console

Once the Google Admin Console is set up and ready, follow the following steps in their respective windows (Google Admin Console or Adobe Admin Console):

  1. Sign in to Adobe Admin Console, navigate to Settings > Identity, and select Create Directory

  2. On the Create a Directory screen, do the following and click Next:

    • Enter a name for the directory
    • Select Federated ID

  3. Select Google and click Next.

  4. Follow the instructions to Create an Adobe SAML app in Google Admin Console and click Next.

    Instructions to create an Adobe SAML app in Google Admin Console

  5. Set up auto-account creation.

    Automatic account creation is enabled by default. It allows users without a federated account to automatically create one with their organization based on a verified email domain. When enabled for a federated directory, new users with a valid email domain in that directory will be able to create a federated account.

    If you disable automatic account creation, new users in your organization who have valid accounts with domains of this identity provider will no longer be able to create a federated account automatically.

  6. Select a default country from the dropdown menu in the Attribute mappings section. Learn more about attribute mappings.

  7. You can also choose to update user information in Admin Console when users log in. Then, select Done.

Add domains via Google directory

You can add domains after you have linked your Adobe Admin Console directory with Google directory. To pull verified domains directly from the Google Admin Console, do the following:

  1. In the Adobe Admin Console, navigate to Settings > Identity and select a directory.

  2. In the Domains tab, select Add domain.

  3. Select Add domains from Google, then Login to Google.

  4. Sign in to your Google account containing the verified domains to be added to the Adobe Admin Console.

  5. Select one or more from the list of available domains and click Confirm.

Next steps

After creating a directory and adding domains, add users and user groups to assign them to appropriate product profilesAdd Google Sync to the directory from the Sync tab in directory details to add users directly from your Google Directory.

More like this

 

Adobe logo

Sign in to your account

Quick links

View all your plans Manage your plans

Legal Notices    |    Online Privacy Policy