Log in to Google Workspace using AWS SSO as IdP
I have found many documents and tutorials on how to set up AWS SSO using Google as the IdP, but I want to set up my Google Workspace so that I have to use IAM Identity Center as the login for my Google Workspace (opposite of what most folks are writing up)?
Have verified that SSO from IAM Identity Center (IdC) works (aka IdP-Initiated SSO). Workspace to IdC does not (aka SP-Initiated SSO).
Has anyone done this and if so how did you get it to work so when a user goes to Google, it validates at IIC SSO and returns them back to the Google service?
- Newest
- Most votes
- Most comments
To clarify, you want to use IAM Identity Center as IdP (identity provider) to Google Workspace. I am not aware of anyone that has done it. If your IAM Identity Center identity source is Active Directory, you can refer to Federating Google Cloud with Active Directory
For other identity source, the following may help
Best practices for federating Google Cloud with an external identity provider
Relevant content
- Accepted Answer
asked 4 years ago - asked 2 years ago
AWS OFFICIALUpdated 10 months ago- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 6 months ago
Yes, we were looking to see if we can make IIC the IdP for Google Workspace. I am able to configure it as an IdP and it works, but if I go from Google it doesn't return me back because I get an error message. Trying to see what I am missing.
Thanks for clarification. SSO from IAM Identity Center (IdC) works (aka IdP-Initiated SSO). Workspace to IdC does not (aka SP-Initiated SSO). Not experienced with google, can you try doing it this way? https://www.google.com/a/[DOMAIN]/ServiceLogin?continue=[SERVICE] , where [SERVICE] is Google service that you want to redirect to after authentication. e.g. https://www.google.com/a/mydomain.com/ServiceLogin?continue=https://mail.google.com.