<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Users on ChromeOS Bypassing SSO for Google Workspace
Aug 11, 2025
Single Sign-On
Okta Classic Engine
Okta Identity Engine
Overview

In some scenarios, after setting up SAML SSO for the Google Workspace app, users on ChromeOS/Chromebook are not redirected to Okta for authentication when trying to access Google Workspace apps. Instead, they can authenticate directly with their Google Workspace credentials.

Applies To
  • Bypassing SSO for Google Workspace
  • Security Assertion Markup Language (SAML)
  • Single Sign-On (SSO)
Cause

This could be caused by "SAML-based single sign-on for Chrome devices" being disabled on the Google Workspace side. SAML SSO support for ChromeOS devices is enabled separately, even if the Okta SSO profile was already set up.

Solution

In order to enable "SAML-based single sign-on for Chrome devices":

  1. In the Admin console, go to MenuDevices > Chrome > Settings. The User & browser settings page opens by default.
  2. Scroll down to Security.
  3. Click Single sign-on.
  4. Select Enable SAML-based single sign-on for Chrome devices.
  5. Click Save.

Recommended content

Still looking for help?
Loading
Users on ChromeOS Bypassing SSO for Google Workspace