Forum Discussion
Which Entra account are you supposed to use to connect to a managed Google Play account?
At Connect Intune account to managed Google Play account - Microsoft Intune | Microsoft Learn, it says:
We recommend using the Microsoft Entra account you're signed into to create the Google Admin account.
So I used my Entra account to set it up. Now, though, when I look at the Managed Google Play item in Intune under Devices > Android > Enrollment, it has my email address under "Linked account".
Was I supposed to create a shared Entra account to make this connection? What happens when I leave the org?
3 Replies
What you’re seeing is expected behavior. Microsoft recommends using the Entra ID account you’re signed in with to create the Managed Google Play/Android Enterprise binding. The account used during onboarding becomes the anchor identity and therefore shows up in Intune as the Linked account. So seeing your own email there is normal and compliant with Microsoft documentation.
However, while this is supported, it’s not considered a long‑term best practice. The linkage is tied to the identity that performed the initial setup. If that account is later disabled or removed (for example, when you leave the organization) and no additional Google admins were added, the tenant may lose administrative access to Managed Google Play—even though device management continues to function.
Best practice is to:
- Use a dedicated, mailbox‑enabled Entra ID admin account (not a personal user account) for the initial connection,
- Ensure additional admins are added in the Google Admin console after onboarding.
Take a look at Nicky De Westelinck’s blog post — it explains the process of upgrading/changing the account and highlights the key considerations to be aware of.
Link: https://www.nickydewestelinck.be/2026/01/28/upgrading-managed-google-play-moving-from-google-accounts-to-microsoft-entra-id-in-microsft-intune/
Thanks Radzik_PL, this is helpful.
I would love some confirmation from an official Microsoft source on this, though. Priya_Ravichandran, can you please confirm that we are supposed to create a generic, shared Entra account that has been granted Intune Administrator privileges for the purposes of creating this managed Google Play connection? That doesn't seem like a good practice from a security and governance perspective.
You should use the Global Admin (or at least an Intune/Endpoint Manager admin) Entra account when connecting to Managed Google Play. Regular user accounts usually don’t have the required permissions. It’s basically the same account you use to manage Intune/MDM settings.
