Google Workspace Professional Administrator — Question 80

You have configured SSO using a third-party IDP with your Google Workspace domain. An end user has reported that they cannot sign in to Google Workspace after their username was changed in the third-party SSO product. They can sign in to their other internal applications that use SSO, and no other users are experiencing issues signing in. What could be causing the sign-in issue?

Answer options

• A. The SAML assertion provided by the third-party IDP is presenting a username that conflicts with the current username configured in Google Workspace.
• B. The user's Google password was changed administratively, which is causing a sign-in failure.
• C. The issued certificate for that user has been revoked and must be updated before the user can have another successful sign in.
• D. The SAML assertion is providing the user's previous password attached to their old username.

Correct answer: A

Explanation

The correct answer is A because the username change in the third-party system may not have been updated in Google Workspace, causing a conflict with the SAML assertion. Option B is incorrect as the issue is related to the username, not the password. Option C is not relevant since the revocation of a certificate would usually affect all sign-ins, not just one user. Option D is also incorrect because passwords are not typically sent in SAML assertions.