<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7VHYSA3Okta Classic EngineAdministrationAnswered2024-04-16T13:11:50.000Z2017-04-28T14:24:51.000Z2020-08-03T20:52:54.000Z

y1npn (y1npn) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
How do I using Google as IdP for okta?
I am new to okta.

I want to set up okta/Google integration so that a user authenticates with Google to get access to okta. I need to (1) set up okta to use G Suite as the directory and (2) set up okta so that G Suite is the IdP for okta. 

In the admin interface of Okta, on the Security menu, I see 'Authentication'. There's options for Active Directory and options for LDAP- but we don't have either. We do not use Windows Server / AD at all. We don't have a local LDAP server. Our user identities and credentials are stored in G Suite. 

 

Note that I see how to configure okta so that Google users log into Google via okta- I see the option to configure okta as the SSO for Google, so that if a user tries to log into Google, they will get the okta login page. We do not want to do this, I list it here to be clear that I see that, but we're not trying to set that up right now.
  • 9 answers
  • 4.52K views
TuukkaH.80043 likes this.

  • josh.skeen1.4283705083512795E12 (Okta, Inc.)

    Hi Dan,

     

    We actually have fairly detailed instructions on how to set up G Suite as an IdP in Okta available here: http://saml-doc.okta.com/IdentityProvider_Docs/Google_Identity_Provider_Setup.html(http://saml-doc.okta.com/IdentityProvider_Docs/Google_Identity_Provider_Setup.html). This is a reference that is off of our main IdP page, which is also available here: http://developer.okta.com/docs/api/resources/idps.html(http://developer.okta.com/docs/api/resources/idps.html).

     

    Both of these resources should contain everything you need to help get G Suite set up as an IdP for Okta.

     

    Thank you,

     

    Josh Skeen

    Okta Technical Support Engineer
    Expand Post

  • y1npn (y1npn)

    I'm a bit confused- I see the API documentation, but I'm not sure how/where to configure this in Okta.

    I was expecting that there is a setting in Okta to 'redirect' login requests to Google, and then have Google pass the authenticated session back to Okta.

    I went to those links- it refers to how to set up, in Google, a developer/development project. I'm not trying to build something... I'm hoping this is configuration, not coding. (?)
    Expand Post

  • cl9n1 (cl9n1)

    @Dan, were you able to implement Google Suite as IdP following the two instructions provided by Josh above?

  • StewartG.30140 (Customer)

    I'm in the same boat as Dan.  I have searched documentation and found content for how to add a Social and IDP, the only link I can find is for adding and IDP, which only want to add a SAML instance and that does not align to the instructions.  Very frustrating.

  • TuukkaH.80043 (Customer)

    We have the exact same problem. The instructions are not on par with the current Okta UI version and thus the tutorial cannot be followed. Please update the docs.

  • Brian Anderson - KCS Technical Writer (Okta, Inc.)

    Hi Dan, Stewart and John,

     

    The documentation that Josh provided a link to details the steps to perform on the G Suite site, but you will also need to create an Idendity Provider on the Okta side.  This is performed by adding Google as an Idendity Provider in the Security -> Identity Providers page of the Okta Admin Console.

     

    Please refer to our Inbound SAML guide here for more details: https://help.okta.com/en/prod/Content/Topics/Security/Identity_Providers.htm?Highlight=inbound%20saml

     

    Thank you,

    Brian Anderson

    KCS Specialist
    Expand Post

  • dvr09 (dvr09)

    I'm also running into this same issue, exactly as described above. Not sure what's causing this issue.

  • JamesN.83470 (Customer)

    We are attempting this as well, but one thing I'm concerned by -- if a user uses one of the regular Google urls...mail.google.com, rather than one of the SP-initiated SAML URLs, wouldn't they bypass Okta altogether? Is there any way to deal with this backdoor?

This question is closed.
Loading
How do I using Google as IdP for okta?