This article explains how to set up Google single sign-on (SSO) for your organization. Google SSO only works if you use Google Workspace in your organization.
With Google SSO:
- Employees can immediately access Personio using their Google accounts, with Google managing account access. They don't need to create passwords for Personio.
- You manage access within Google Workspace. For example, when an employee leaves your organization, you deactivate them in Google. This action also removes their Personio access.
Before you start
To set up Google SSO for your organization, you need the following permissions:
- An Administrator role in Personio, or
- An employee role with edit permissions for Account configuration > Authentication.
We recommend you complete your account setup before enabling Google SSO. Once you turn on SSO, the Personio UI automatically suggests this login option to your employees.
When Google SSO is active, your employees can use a single button to log in to Personio. If it’s the only active login method, they’re required to use it. We recommend securing your Google Workspace Admin account by activating two-factor authentication.
Understand how Google SSO works
When an employee tries to log in to Personio with Google SSO, Google verifies their identity. Once Google confirms who the user is, Personio looks for that employee's profile. If the email addresses match, Personio logs the employee in.
You can combine Personio Credentials with Google SSO.
Enable Google SSO for your organization
To enable Google SSO, follow these steps:
- Go to Settings.
- In the Security & integrations section, click Security & authentication.
- Enable Google SSO.
On the Personio login page, your employees can now log in by clicking Continue with Google.