<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7V3YSAVOkta Classic EngineOkta Integration NetworkAnswered2024-04-17T12:53:38.000Z2016-09-27T21:04:22.000Z2018-01-25T09:37:33.000Z

Rocky (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Google Apps SAML, Two-Step Authentication and App Passwords
Hello fellow Oktans,

 

I am planning my Google Apps SAML integration. We have plenty of users that set up Google 2-Step Authentication in order to generate App Passwords for their mobile devices and mail clients such as Mac Mail and Outlook.

 

I assume we will be bypassing Google's 2-step since we will be using Okta MFA going forward. But if we do that, will the App Passwords expire?

 

Can someone help me understand this?

 

Thank you!
  • 3 answers
  • 2.13K views
JoshuaM.63593 likes this.

  • Rocky (Customer)

    I was told by Okta Customer Care that Okta does not have a solution for this.

     

    This will render SAML for Google Apps (or G suite) virtually useless as several users are dependent on mail apps on both their computers and mobile devices. These applications can only be used with Google App Passwords, which are not supported by Okta.

     

    Now, we could keep Google 2-Step in place, but having users endure Okta MFA in addition to Google 2 step sounds laborious and would make the case to NOT use SAML for Google Apps. 

     

    If I am wrong in my thinking, please feel free to chime in and correct me. Or if you have deployed Google Apps SAML for Okta, please chim in as well!
    Expand Post

  • iy6t4 (iy6t4)

    Has OKTA added support for Google application specific passwords yet? If our users cannot use email clients with Google application specific passwords that is a big problen for us.

  • iy6t4 (iy6t4)

    OKTA support told me that Google application-specific passwords will continue to work after enabling SAML for G Suite.
This question is closed.
Loading
Google Apps SAML, Two-Step Authentication and App Passwords