tbmzy (tbmzy) asked a question.
google account that is provisioned from okta is forced to be verified from Google Identity using SMS
I have successfully set up Google Workspace with Okta as the IDP and the account provisioning service. After the account is provisioned and Google Workspace is assigned as an app to the okta account, I login to to okta as said user, launch a google app, google immediately suspects something fishy is going on and makes me do a one time SMS verification. Does anyone know how to get around this? The problem I'm having is I'm doing some testing with accounts, and Google has detected I've already used my cell number for verification, so it wont let me use it for subsequent validation requests. Would really like to know if anyone has found a way to turn this off on the google side.
Hi @tbmzy (tbmzy) , Thank you for reaching out to the Okta Community!
Unfortunately this is more a question for Google than Okta, but from my experience additional MFA was not required when I implemented Okta SSO. It could be that your testing is casing this or it could be that at the time of my testing security settings weren't this stringent.
I recommend checking the following articles for the potential settings in your environment that might allow disabling that behaviour.
https://support.google.com/a/answer/9464354?hl=en
https://support.google.com/a/answer/6002699#ssochallenges
https://cloud.google.com/architecture/identity/best-practices-for-federating
That being said, we'll leave this Question open for anyone in the Community that might have experienced the same and has insight into the matter.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--------------------------------
💡 Community Moderator Tip: Join a group today and connect with other Okta customers by region or product.