Google has added Microsoft Office 365, Facebook at Work, Box, Panorama9, Slack and several other products to the growing list of applications for which it provides single sign-on support.
Enterprises using the company’s Identity Platform for Work will now be able to give workers a way to use their existing log-in credentials to authenticate themselves and access these apps and scores of others for which SSO is available.
The new apps add to the hundreds on the Google Apps Marketplace that have been preconfigured for single sign-on since last October, when Google enhanced its OpenID Connect (OIDC) identity provider technology with support for Security Assertion Market Language (SAML) 2.0.
The company, at that time, had described the move as a response to growing enterprise demand for centralized cloud-based identity services for accessing software as-a-service (SaaS) applications as well as customized on-premise apps.
Google has touted the SAML support in OIDC as giving administrators a way to eliminate individual user IDs and passwords for accessing different cloud applications.
The goal is to make it easier for organizations to manage identity and security for all their SaaS and on-premise applications using Google’s identity services, Shashank Gupta, work product manager for Google Apps for Work, wrote in a blog post this week.
Google’s single sign-on support is available to users accessing enterprise cloud applications via their mobile devices as well.
“Google’s identity services provide even more security on mobile when combined with Google Apps enterprise mobile management controls like password strength, lock screen requirements and app management,” Gupta said.
The controls can work alongside emerging mobile security options, such as a fingerprint reader, to give mobile users an additional layer of protection.
Google’s Identity Platform for Work is one of several options that enterprises can use to build an authentication system for accessing SaaS and on-premise applications.
Other options include Google Sign-in, Smart Lock for passwords and Identity Toolkit.
Google Sign-In, which is available for Android, iOS and Web users, is designed to give administrators a way to let users sign into multiple applications using their Gmail. Google+, Google Play and other Google service accounts.
Google’s Smart Lock for passwords option allows users to save their password once and then avoid having to enter their credentials again when accessing applications on Android and Chrome devices.
Google’s work with SSO and identity services overall is part of a broader effort by the company to give organizations a way to better manage user identities and access in the cloud.
The company on March 15 introduced a new feature in Google Apps that will let administrators set an “expiration date” for user access to files in Google Docs, Drive, Slides and Sheets. The idea is to give enterprises a way to ensure that contractors, temporary employees and others with short-term access rights to enterprise systems do not have a way to access the systems after a specific date.