User Guide Cancel

Authenticate your users with Google Federation

Applies to enterprise.

Configure Single Sign-On (SSO) with Google Admin Console to manage users and entitlements for your Adobe apps and services. In this scenario, Adobe Admin Console uses Google as the Identity Provider (IdP). 

Google federation combines directory creation, domain claim, and SSO-setup into a simple workflow in the Google Admin Console and Adobe Admin Console. Google directory users linked with the Adobe Admin Console are unique and can be assigned to one or more product profiles.

Note:

If your organization has a Google SAML federation setup, you'll automatically get a Google OIDC federation configuration in the Authentication tab. If you Remove the OIDC configuration, the system automatically recreates the configuration as soon as a user from the associated directory signs in using Continue with Google option.

You can Disable the Google OIDC configuration to prevent the users from signing in using Continue with Google. Once disabled, the system won't create a new Google OIDC configuration.

Prerequisites

To integrate Adobe Admin Console user management with Google Admin Console, your organization needs the following:

  • You are an administrator in the Google Admin Console
  • You have verified domains in the Google Admin Console
  • You are familiar with Google's SAML Apps catalog in Google Workspace

Create a directory in the Adobe Admin Console

Once the Google Admin Console is set up and ready, follow the following steps in their respective windows (Google Admin Console or Adobe Admin Console):

  1. Sign in to Adobe Admin Console, navigate to Settings > Identity, and select Create Directory

  2. On the Create a Directory screen, do the following and click Next:

    • Enter a name for the directory
    • Select Federated ID
  3. Select Google and click Next.

  4. Follow the instructions to Create an Adobe SAML app in Google Admin Console and click Next.

    Instructions to create an Adobe SAML app in Google Admin Console

  5. Set up auto-account creation.

    Automatic account creation is enabled by default. It allows users without a federated account to automatically create one with their organization based on a verified email domain. When enabled for a federated directory, new users with a valid email domain in that directory will be able to create a federated account.

    If you disable automatic account creation, new users in your organization who have valid accounts with domains of this identity provider will no longer be able to create a federated account automatically.

  6. Select a default country from the dropdown menu in the Attribute mappings section. Learn more about attribute mappings.

  7. You can also choose to update user information in Admin Console when users log in. Then, select Done.

Add domains via Google directory

You can add domains after you have linked your Adobe Admin Console directory with Google directory. To pull verified domains directly from the Google Admin Console, do the following:

  1. In the Adobe Admin Console, navigate to Settings > Identity and select a directory.

  2. In the Domains tab, select Add domain.

  3. Select Add domains from Google, then Login to Google.

  4. Sign in to your Google account containing the verified domains to be added to the Adobe Admin Console.

  5. Select one or more from the list of available domains and click Confirm.

Next steps

After creating a directory and adding domains, add users and user groups to assign them to appropriate product profilesAdd Google Sync to the directory from the Sync tab in directory details to add users directly from your Google Directory.

Get help faster and easier

New user?

ICYMI Promo

Updates and Releases!

In case you missed it follow this page to stay updated!

Updates and Releases!

In case you missed it follow this page to stay updated!

ICYMI Promo

Updates and Releases!

In case you missed it follow this page to stay updated!

Updates and Releases!

In case you missed it follow this page to stay updated!