Starting with April 10, 2017, G Suite will slowly roll out a set of updates and changes that will affect both partners and clients. So, if you want to know the real impact of the changes, take a look below and follow our explanations.
Changes That Will Affect Everyone
The only change that will be visible for everyone is a design feature. Thus, the login page will be different but it will look the same across all devices. Of course, the change will happen progressively so it may take up to a few weeks until you see the new page.
Changes for Users without a Third-Party SSO Provider
Because many users don’t understand correctly the implications of the “Stay signed in” option across browser, this checkbox will be removed for users who don’t have a third-party SSO provider. Thus, you should also know that you will remain logged in the browser unless you click ‘Sign out’. SSO stands for Single-Sign On and is a method to have many cloud services use the one login credential to authenticate the user accross many platforms. Its a great time saver and great for security.
This is a feature you must be extremely careful about since you might leave your account open on computers or devices you use temporarily.
Changes for Users with a Third-Party SSO Provider
To avoid trusting your account details to third-party applications (that don’t belong to Google), users will see an extra page when they log in. This page is designed to make sure the user knows which account they’re using and the permissions they are granting to the said application.
Here are the situations when it’s most likely to see the new page when accessing third-party apps:
- If you are signed in to the browser, you will be asked to confirm that the current account is the one you want to use for accessing the app you have been redirected to.
- If you’re not signed in to the browser and the app set the hosted domain parameter, you will be redirected to the third-party SSO provider. The selection page will be then displayed on the G Suite account set for the SSO provider.
- If you’re not signed in to the browser and the app didn’t set the hosted domain parameter, you will be asked to introduce the details for the account you want to use.
Once the login is confirmed, you will only see the account selection page when returning to the said third-party app. So you won’t be forced to go through this process twice with the same third-party app.
On the other hand, this window won’t show up when you’re using an SSO provider to access Google certified applications, like Gmail, Drive, Calendar, and so on.
The page will be displayed either before or after the user is redirected to the third-party app, according to their current state. Also, if you’re wondering which third-party SSO providers are included in this change, you should know that they all are. Even Active Directory Federation Services (ADFS) SSO is included.
Removing an account from the Selection Page
If there are accounts you don’t want to show up on this list, you can remove them by clicking the ‘Remove an account’ link.
A Few Final Concerns
Its also recommended implementing 2-step verification to really secure your account if you haven’t already. Here is some info about 2-step and why its so important