
Use federated authentication with Google Workspace in Apple Business Manager
After you have verified your domain, you can configure Apple Business Manager to use federated authentication with Google Workspace.
Configure the federated authentication process
In Apple Business Manager
, sign in with a user that has the role of Administrator or People Manager.Click your name at the bottom of the sidebar, click Preferences
, then click Accounts
.Next to Federated Authentication, click Edit, select Google Workspace, then click Connect.
Click “Sign in with Google,” enter your Google Workspace administrator information, then click Next.

Enter the password for the account, then click Next.
If necessary, review the list of automatically verified domains and any conflicting domains.
Click Done.
In some cases you may not be able to add your domain. Common reasons are:
The Google Workspace administrator account used doesn’t have permission to add domains.
The user name or password from the account in steps 4 or 5 are incorrect.
You or another Google Workspace administrator modified the default attributes.
Turn on federated authentication
If you’re planning to sync with Google Workspace, you must turn on federated authentication before you sync.
In Apple Business Manager
, sign in with a user that has the role of Administrator or People Manager.Click your name at the bottom of the sidebar, click Preferences
, then click Accounts
.Click Edit in the Domains section, then turn on federated authentication for the domains that have been successfully added to Apple Business Manager.
It may take a while to update all accounts.
Test federated authentication
You can test the federated authentication connection after you’ve performed the following tasks:
You’ve completed a successful connection and verification to your domain.
The check for user name conflicts is complete.
The Managed Apple ID default format is updated.
Note: Accounts with the Administrator role can’t sign in using federated authentication; they can only manage the federation process.
In Apple Business Manager
, sign in with an account.If the user name you signed in with is found, a new screen indicates that you’re signing in with an account in your domain.
Click Continue, enter the password for the user, then click Sign In.
Sign out of Apple Business Manager.
Note: Users can’t sign in to iCloud.com unless they first sign in with their Managed Apple ID on another Apple device.