Hello @mariecharuit,
Welcome to the Personio Community, and Thank You for reaching out with your question
It is actually possible to use the Google SSO (Single Sign-on) with the private mail address of an employee, but only if that private email address is a google account.
With Google SSO enabled, Personio users can simply log into their Personio via their Google account instead of their standard Email and Password login data.
If the future employee does not have a google address as their private email, they won’t be able to log in to Personio with the Google Authenticator.
FYI: There are other alternative ways to integrate an Authentification Provider in Personio - you can find out about them here.
I hope this helps!
Do you think you will be able to activate Google SSO or rather not?
Looking forward to your reply!
Best,
Daniele
Hi Daniele,
Thanks a lot for your reply.
Not sure to understand : if a future employee does not have a Google email address, is there another way for him/her to login as s.he can’t use SSO?
If yes, we will use SSO, if not, we won’t be able to use it as all our futures employees don’t have a Gmail address and we need them to log in before they have their professional email address.
Thanks a lot.
Best,
Marie
Hi @mariecharuit,
Google SSO
The simple, out-of-the-box integration with Google cannot be set as optional. If it’s active, it is only possible to log in with the Google Authentication.
OAuth 2.0
However, there is an alternative way to allow Google Authentication + normal login by manually setting up OAuth 2.0 with your Google account. It takes more steps than setting up Google SSO. This article explains how to do it.
Using OAuth 2.0 makes it possible to either allow the login via Google OAuth for all employees or to use the regular login (see screenshot + Help Center Article).
If I understand your situation correctly, this would be a possible solution for you.
Workaround
A simpler method would be to directly create a professional (google-hosted) email address for the employees in the Onboarding phase and forward them the email address once the contract has been signed. However, this probably wouldn’t be a solution for you since you stated that you “need them to log in to Personio before they have their professional email address”.
I hope this helps! Are you planning to set up OAuth 2.0?
Best,
Daniele
Hi Daniele,
Thanks a lot for your reply and explanations. We would love to use it but we need to upgrade to Enterprise plan to access OAuth 2.0. So I guess this won’t be possible…
Hi @mariecharuit,
I’m sorry to hear that you won’t be able to implement this with your current account.
If you have any other questions or ideas, feel free to create a new topic here
Best,
Daniele