Set up SSO using 3rd party IdPs

Best practices for third-party IdP SAML apps configurations

As an admin, you can use these security best practices when integrating G Suite with third-party identity providers (IdPs) to connect to Security Assertion Markup Language (SAML) applications.

Best practices for your third-party IdP configuration

  • Maintain good password policies, and enforce strong passwords. Implement 2-Step Verification (2SV). Google 2SV doesn't integrate with third-party identity providers (IdPs), so implement 2SV on the IdP side. Where possible, recommend security keys and mobile-app based solutions over text messages.

Best practices for your G Suite configuration

Best practices for your user devices

  • Practice good cookie management. Google uses cookies to establish the relationship of a user to a device. Clear cookies or log out only when the device can no longer be associated with that user.
  • Use Google mobile apps. In addition to providing the best user experience, these apps offer security protections.
  • Update to the latest operating system version and security patches. To ensure the best protection for your users' mobile devices, tell them to accept the latest updates and security patches.
Was this helpful?
How can we improve it?