The Adobe Admin Console allows a system administrator to configure domains which are used for login via Federated ID for Single Sign-On (SSO). Once the ownership of a domain is demonstrated, the domain can be configured to allow users to log in to the Adobe Creative Cloud. Users can log in using email addresses within that domain via an Identity Provider (IdP). The process is provisioned either as a software service which runs within the company network and is accessible from the Internet, or a cloud service hosted by a third party which allows for the verification of user login details via secure communication using the SAML protocol.
One such IdP is Google, a cloud-based service which facilitates secure identity management.
Before configuring a domain for single sign-on using Google as the IdP, the following requirements must be met.
- Administrative access to both the Adobe Admin Console and the Google Admin Console.
- An approved domain for your Adobe organization account. The status of the domain in the Adobe Admin Console must be Configuration Required.
To Configure Single Sign-On for your domain, perform the below steps:
To enter the required information for your IdP, use the Set Up Domain wizard in the Adobe Admin Console.
- Upload the certificate
- For IdP Issuer, enter the Entity ID that you copied from Google Admin Console.
- For IdP Login URL, enter the SSO URL that you copied from Google Admin Console.
- Set IdP Binding to HTTP - Post.
- For User Login Setting, choose Email.