Setting up Azure AD B2B Direct Federation with Google GSuite
If you are looking to configure Azure AD B2B Direct Federation with Google’s GSuite and running into issues here’s a quick screenshot of how it needs to be set up on the GSuite end.
Service provider details
ACS URL: https://login.microsoftonline.com/login.srf
Entity ID: urn:federation:MicrosoftOnline
Name ID format: PERSISTENT
Name ID: Basic Information > Primary Email
SAML Attribute Mapping
Primary email > http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress


Once this is setup your guest users coming in from the specified domain can use their GSuite identity to sign in/SSO instead of having to create a Microsoft Account and password.
