Google - Okta Integration Guide - SSO & Provisioning Overview

Before I show you how to set up Google SSO and user lifecycle management with Okta, let us first understand why we need an Okta and Google Workspace integration in the first place. I mean, what are we missing in life if we do not have Okta or its integration with Google?

For that, let me take a scenario. Let's say your company uses 10 different software applications to perform day-to-day tasks, e.g. Salesforce for CRM, Google Workspace for messaging and collaboration, Asana for task management, etc.

Now, when a new employee joins, your IT Administrator would go and create this new employee's account in these 10 different applications (one by one), and then finally send the user id and password for each of these apps to the user.

Manually creating user accounts in 10 different applications, yuck... That is painful and very time consuming, but let me add some flavor to it.

What if you are a big business, and 100 new employees join you today?

Oh, and what if 100 leave you every month? Would you not then need to go to those 10 applications and delete these accounts?

And what if your IT Administrator (being human) forgot to delete a user's account from one of these applications? Security compromised...

It is not just your IT administrator who gets all the frustration here. It is shared by your regular employees, because they now need to manage 10 different user ids and passwords (one for each application).

Now, if you are in this situation, what would you do? Maybe keep the same user id and password for all these applications, which works well as you only need to remember one set of credentials. But if your password gets compromised, all 10 of your apps are potentially compromised, because you have the same password for them too.

So, to summarize, here are the problems:

Administration Problems

  • Time-consuming and decentralized user management
  • Lack of security (what if an Admin forgets to remove a user account from an application after the user leaves your company?)
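The forgotten-account risk above can be checked for by reconciling each application's account list against the central directory. The sketch below is an added example, not code from the original post or from Okta; the function names, data shapes, app names and accounts are all constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    app: str
    account: str
    reason: str


def normalize(email: str) -> str:
    # Apps often store the same address with different case or padding.
    return email.strip().lower()


def find_orphans(directory, app_accounts, service_accounts=frozenset()):
    """Return app accounts that have no active owner in the directory.

    directory:        {email: "active" | "terminated" | ...} (assumed shape)
    app_accounts:     {app_name: [email, ...]} exported from each app
    service_accounts: addresses deliberately absent from the directory
    """
    status = {normalize(e): s for e, s in directory.items()}
    exempt = {normalize(e) for e in service_accounts}
    findings = []
    for app, accounts in sorted(app_accounts.items()):
        for raw in accounts:
            acct = normalize(raw)
            if acct in exempt:
                continue
            state = status.get(acct)
            if state is None:
                findings.append(Finding(app, acct, "not in directory"))
            elif state != "active":
                findings.append(Finding(app, acct, f"directory status: {state}"))
    return findings


# Constructed sample data: bob has left, carol was never in the directory.
DIRECTORY = {"alice@example.com": "active", "bob@example.com": "terminated"}
APP_ACCOUNTS = {
    "crm": ["alice@example.com", "Bob@Example.com"],
    "workspace": ["alice@example.com", "carol@example.com", "backup-svc@example.com"],
    "tasks": ["alice@example.com"],
}
SERVICE_ACCOUNTS = {"backup-svc@example.com"}

if __name__ == "__main__":
    for f in find_orphans(DIRECTORY, APP_ACCOUNTS, SERVICE_ACCOUNTS):
        print(f"{f.app}: {f.account} ({f.reason})")
```
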

User Problems

  • Multiple user ids and passwords to manage
  • Lack of productivity, less than ideal experience
  • Lack of security (if a user changes the password of each app and makes them all the same)

Now, let us see how using a centralized Identity and Access Management solution can help us with these problems. Though this post is about Okta / Google integration, conceptually it does not matter which Identity and Access Management solution you use (e.g. ADFS, Ping Identity, Google Cloud Identity, AzureAD, etc.).

Administration Benefits with Okta:

  • Okta syncs very well with your Active Directory or LDAP to bring all your existing identities (e.g. users, groups) into Okta.
  • Now, you do not need to create user accounts manually in target applications (like Google Workspace, Salesforce, etc.), as Okta connects with them very well, leveraging their APIs.
  • Once you integrate Okta with these target applications, you only need to provision your users once, either in your Active Directory or in Okta, and then Okta will provision (and de-provision) this user automatically in those 10 applications in our case.
  • An Okta Administrator can apply policies, such as enforcing Multi-Factor Authentication when a user is trying to log in to a critical application, or when a user is trying to log in from outside the office.

User benefits with Okta:

  • Rich user experience: users do not need to remember multiple user ids and passwords for different apps. They only need to log in to Okta, and they will be presented with application icons. Just click on those icons to log in to those applications... yeah!
  • Secure access based on the access policies set up by the Okta Admin
