Forum Discussion
Questions about using third party IdP to authenticate to Office 365
I am setting up Google as the identity provider, and no issues with the setup, its working fine, but i have a few questions-: 1. I used Global Admin role to setup SSO, but i want to delegate futu...
For question #1, it appears Global Admin is required, as I don't see a separate role available for configuring federation according to this article here:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/plan-sso-deployment#required-administrative-roles
For question #2, the UserPrincipalName is the unique identifer when it is a cloud-only account.
For question #3 we recommend using UserPrincipalName for nameid
For question #4, In the Sign-out page URL field in Google Cloud (G Suite) Connector, paste the value of Logout URL which you have copied from Azure portal. There is a video here:
https://azure.microsoft.com/en-us/resources/videos/enable-single-sign-on-to-google-apps-in-2-minutes-with-azure-ad/
If this post was helpful please mark as best response, thank you.
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/plan-sso-deployment#required-administrative-roles
For question #2, the UserPrincipalName is the unique identifer when it is a cloud-only account.
For question #3 we recommend using UserPrincipalName for nameid
For question #4, In the Sign-out page URL field in Google Cloud (G Suite) Connector, paste the value of Logout URL which you have copied from Azure portal. There is a video here:
https://azure.microsoft.com/en-us/resources/videos/enable-single-sign-on-to-google-apps-in-2-minutes-with-azure-ad/
If this post was helpful please mark as best response, thank you.