By: Priya Ravichandran – Principal Product Manager | Microsoft Intune
A prerequisite to managing Android Enterprise devices with Microsoft Intune is that organizations must first complete a one-time onboarding process which requires admins to create and manage a consumer Gmail account. Starting in August 2024, this process will no longer require Gmail accounts. Instead, we’re happy to announce that admins will be able to use their existing Microsoft Entra credentials to complete this one-time onboarding.
Streamlined flow for new tenants
For tenants connecting or reconnecting your Microsoft Intune tenant to Managed Google Play, you can now use your Microsoft Entra credentials to complete the onboarding process. Let’s walk through the new flow.
As you work through the Prerequisites tab under Android enrollment, the new flow is invoked when you select “Launch Google to connect now”. At this point, a new tab is launched with the following screen. The Microsoft Entra credentials used to sign into the Microsoft Intune admin center will be pre-filled.
We recommend continuing with the prefilled identity and selecting the “Sign in with Microsoft” option that will follow.
Figure 1: Select "Sign in with Microsoft" to easily use your Entra identity.
The process may require email verification so if the identity or credentials used to sign in doesn’t have an email inbox, we recommend that you use a corporate email address with a mailbox to complete the onboarding. Once the onboarding flow is complete, you can add other Microsoft Intune administrators into the Google Admin console and grant them the right level of access to manage Google resources for your organization.
The Google Admin console wizard will guide you through the steps to create and set up your Google Admin account and allow Intune to manage your Android Enterprise devices.
Figure 2: To complete the account creation, you will need to select 'Allow and create account'.
Figure 3: Once the account is created, you will need to allow Intune to manage the devices for a second time.
At this point, the step to connect your Microsoft tenant to Google is complete and you can start enrolling and managing Android Enterprise devices with Microsoft Intune.
Migration for current Intune tenants
For Microsoft Intune customers who have already onboarded using a Gmail account, no changes are required, and you will continue to be supported.
- If you decide to disconnect your Android Enterprise administrative account and reconnect, you will now have the option of using this new flow.
Important note: Disconnecting your Android Enterprise account will remove all your Managed Google Play apps and all managed Android Enterprise devices from your tenant.
We’re working with Google to finalize a process to migrate from your Gmail account to your Microsoft Entra credentials in a way that won’t interrupt how these devices are managed. We expect this migration process to be defined in Q1CY25, and we’ll share more information closer to that date.
What is this new Google Account?
As you may have noticed, the onboarding flow creates a Google account using your corporate email address. Admins can use their Microsoft Entra credentials to log in and manage the connection between Google and Microsoft Intune, as well as other Google features. For more information, refer to How Android Enterprise connects your Google services (Google Blog).
What's next
As you engage with this new experience, let us know in the comments below or by reaching out on X @IntuneSuppTeam if you have any questions or feedback so that we can work together to make this the best experience.
