Earlier this year, we announced a beta for assigning SSO profiles to organizational units or groups. This feature is now generally available and allows admins to specify groups or organizational units (OUs) to authenticate a subset of your users using Google.
Why it’s important
Currently, when you configure SSO with a third-party identity provider, the setting applies to your entire domain. However, there are some instances where you may want a subset of your users, such as vendors or contractors, to authenticate with Google instead. The Partial SSO feature gives you the flexibility to specify the authentication method for various users in your organization as needed.
- Admins: In the Admin console, navigate to Security > Settings > Set up single sign-on (SSO) with a third party IdP > Manage SSO Profile assignments. Visit the Help Center to learn more about assigning SSO profiles to organizational units or groups.
- End users: No action required.
- Rapid Release and Scheduled Release domains: Full rollout (1–3 days for feature visibility) starting on November 19, 2021
- Available to Google Workspace Business Starter, Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Frontline, and Nonprofits, as well as G Suite Basic and Business customers
- Available to all Cloud Identity customers
- Not available to Google Workspace Essentials customers