Azure AD SSO Connection with Google Apps

You are here:
< Back


Azure AD SSO Connection with Google Apps

Guide 1 Guide 2

Errors and Missing Configuration in Guide

1) Inside Google’s SSO configurations, we need to enable the Use Domain Specific Issuer

Check box. Following is the screenshot for the option,

If the above is not done, the user would get the following error when they Sign Into their

1


account on Google,

You may refer to the Video where I have recreated the scenario by going into this link

http://screencast.com/t/3ZrbQ5rU

2) Password Reset from Google Does not work if you follow the Auto Generated URLs

2


The correct URL is as follows,

https://account.activedirectory.windowsazure.com/ChangePassword.aspx?portalUrl=https://acc ount.activedirectory.windowsazure.com/profile/

Once you do the change on Google’s SSO, it would redirect you here where you would be able to reset your Passwords without any isssues.

3

from Azure’s SSO setup for Google Apps.


3) Sign Out doesn’t work from a Gmail Account

The SSO has the same URL for Sign In and SIgn Out, this is causing the issue as when a user is signing out of the session, he is getting the same error like the one we had seen in the first step.

This is happening since when the user presses the Sign Out button, they are going to the Sign In URL in practicality.

The work around is to change the Sign Out URL with a URL that is going to trigger a Sign Out. There are a few documents speaking about Single Sign Out, probably this is a concept that can help fix this issue.

End of the document.