Sign in to Adobe Admin Console, navigate to Settings > Identity, and select Create Directory.
Configure Single Sign-On (SSO) with Google Admin Console to manage users and entitlements for your Adobe apps and services. In this scenario, Adobe Admin Console uses Google as the Identity Provider (IdP).
Google federation combines directory creation, domain claim, and SSO-setup into a simple workflow in the Google Admin Console and Adobe Admin Console. Google directory users linked with the Adobe Admin Console are unique and can be assigned to one or more product profiles.
If your organization has a Google SAML federation setup, you'll automatically get a Google OIDC federation configuration in the Authentication tab. If you Remove the OIDC configuration, the system automatically recreates the configuration as soon as a user from the associated directory signs in using Continue with Google option.
You can Disable the Google OIDC configuration to prevent the users from signing in using Continue with Google. Once disabled, the system won't create a new Google OIDC configuration.
To integrate Adobe Admin Console user management with Google Admin Console, your organization needs the following:
Once the Google Admin Console is set up and ready, follow the following steps in their respective windows (Google Admin Console or Adobe Admin Console):
Sign in to Adobe Admin Console, navigate to Settings > Identity, and select Create Directory.
Set up auto-account creation.
Automatic account creation is enabled by default. It allows users without a federated account to automatically create one with their organization based on a verified email domain. When enabled for a federated directory, new users with a valid email domain in that directory will be able to create a federated account.
If you disable automatic account creation, new users in your organization who have valid accounts with domains of this identity provider will no longer be able to create a federated account automatically.
Select a default country from the dropdown menu in the Attribute mappings section. Learn more about attribute mappings.
You can also choose to update user information in Admin Console when users log in. Then, select Done.
You can add domains after you have linked your Adobe Admin Console directory with Google directory. To pull verified domains directly from the Google Admin Console, do the following:
In the Adobe Admin Console, navigate to Settings > Identity and select a directory.
After creating a directory and adding domains, add users and user groups to assign them to appropriate product profiles. Add Google Sync to the directory from the Sync tab in directory details to add users directly from your Google Directory.
Sign in to your account