How to setup Google Workspace for Single Sign-on Login from Office 365

4 February 2020
Glen Pringle

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.22.3″ custom_padding=”2px|||||”][et_pb_row admin_label=”row” _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_padding=”10px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.7.4″]

In this blog we’ll use the following steps to configure Google Workspace to allow single sign-on from Office 365 accounts.

  1. Add the domain to both Office 365 and Google Workspace
  2. Configure Azure Active Directory single sign-on for Google Workspace integration
  3. Configure Google Workspace single sign-on to use Azure Active Directory
  4. Add automatic user provisioning so Azure Active Directory will create accounts in Google Workspace

Many organisations use both Google Workspace and Office 365 and create and delete user accounts for each system independently. This is not only more work for the administrator but also confusing for users who have to manage separate passwords. Single sign-on allows Google Workspace and Office 365 users to log in to both with the same account. Once they log in (or sign in) to one system, they are automatically logged in to the other system. Can you now guess where the name single sign-on comes from? In this post you’ll learn how to configure Google Workspace so that users can log in using their Office 365 account. We won’t be covering how to do it in the reverse direction, that is allowing Office 365 users to log in using a Google Workspace account.


[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_padding=”0px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_code _builder_version=”4.7.4″]You can manage your #GSuite users from Office 365 using Single Sign-on Click To Tweet[/et_pb_code][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.7.4″ custom_margin=”-8px|||||” custom_padding=”0px|||||”]

Office 365 uses a product called Azure Active Directory for user management. You may never have used it (or even heard of it before as Office 365 hides it in the background), but we’ll be using it to set up single sign-on. You can activate the free Azure Active Directory subscription that comes with Office 365 by following these instructions from Microsoft

In the following video we’ll walk you through the steps to configure single sign-on and automatic user provisioning. Before you do this you’ll need active subscriptions to both Office 365 and Google Workspace and have added your organisation’s domain name to both of these if they’re not already added. There are links in the Resources section to add a domain to Google Workspace and Office 365 if you haven’t already done this.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_video src=”” _builder_version=”4.7.4″][/et_pb_video][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_padding=”42px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.7.4″ custom_margin=”-29px|||||” custom_padding=”2px|||||”]

Click this link for complete video transcription!

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.7.4″ custom_margin=”-2px|||||” custom_padding=”0px|||||”]

Once you have implemented single sign-on with automatic user provisioning, all normal user management will be done in Office 365. You won’t need to manage them separately in Google Workspace, and users will only need one password for both systems. 

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text module_id=”where-does-an-email-go-when-I-archive-it” _builder_version=”4.7.4″ custom_margin=”-25px|||||” custom_padding=”2px|||||”]


[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_margin=”-12px|auto||auto||” custom_padding=”19px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″ custom_margin=”-43px|||||” custom_padding=”25px|||||”]

Here’s some additional resources to help you learn more about this process.


[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_padding=”0px|||||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text module_id=”where-does-an-email-go-when-I-archive-it” _builder_version=”3.27.4″ custom_margin=”-18px|||||” custom_padding=”2px|||||”]


[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”3.25″ custom_margin=”-20px|auto|-19px|auto||”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″ custom_margin=”-3px|||||”]

There’s a bunch of terms used that may not make a lot of sense. Here’s what they mean.

Authentication – Verifying that a person is who they claim to be (in other words, verifying their identity). Typically this is done by successfully entering a username/email address and password and possibly an additional verification code.

Authorisation – Verifying that a person is entitled to access a system or resources. Even if you’re authenticated (you’ve verified your identity), you may not be authorised to access a particular system. For example, you might have an account on Office 365 and you have logged in and authenticated your identity, but you may not be authorised to log in to Google Workspace using that identity. 

Identity – This is commonly a digital representation of a person (although it might also be an organisation, an application, or a device). 

SAML – This is the standard that computer systems use for exchanging authentication and authorisation data and is what single sign-on uses so you can log in to Google Workspace using your Office 365 account.

Single Sign-on – A way for different computer systems to rely on another system for user authentication. From a user’s perspective, once they’ve signed on to a system, any other systems that use that single sign-on won’t require them to sign in again.

Azure Active Directory – Also known as Azure AD, this is a product from Microsoft that is available within Office 365. It is a sophisticated system for managing user’s identities and their access to systems and resources.



Recent Posts

Here’s What
Our Clients Say

PR Industrya


In 2018, Using Technology Better designed and delivered a two phase post-migration training program for this New Zealand based graphic design firm. The initial goal of the training program was to reduce frustration with G Suite, with the long term aim of facilitating a change in culture and collaboration that can lead to transformative practices

Download your skills checklist to see how you score...


Choose Industry:

Which Skills Checklist?


Nice Move Allstar!
You're about to get
awesome value in your
inbox that's going to make
life that little bit easier & sweeter!


Pop in your details below and we'll send you the PLD Checklist 📧

First time applying for MoE Funded PLD?

Get the Latest Blog Posts, New Tips And Tricks


NSW DoE Leadership Webinars


NSW DoE Leadership Webinars


Holiday Rescue Maker Camp

Student to agree to and tick:
Guardian to agree to and tick: