/ Blog / Google Cloud / G Suite / Google Apps SSO Security Deadline: Aug 28th

Google Apps SSO Security Deadline: Aug 28th

FYI – If you have not seen this yet, please review.  It’s critical that you update all SSO code to reflect the new security requirements, otherwise, SSO will be turned off on this date.  Contact us if you need assistance.


Hello Google Apps admin for <DOMAIN>,

We recently notified you about a critical vulnerability involving your

Google Apps single sign-on (SSO) implementation.  Our records indicate

that you are still at risk and must take action.  Please correct this

security risk immediately.

For your protection, if you have not secured your sign-in application

by August 28th, 2008 at 12:01 am Pacific Time, we will disable SSO for

your domain.  We would like to emphasize that we do not believe this

vulnerability has been exploited, but we reserve the right to disable

SSO for your domain even earlier if we receive reports that this

vulnerability has been exploited for other domains before then.  This

will protect your data, but your users will be unable to access Google


To secure your sign-in application, you must include the Recipient

attribute in the SAML response.  Learn more here:


If your sign-in application is derived from our sample code, please

refer to the latest version of the sample code for the changes you’ll

need to make to your own code.  The updates to the sample code are

also described in the link above.

If your sign-in application was not derived from our sample code (e.g.

it is a third-party identity provider software), please forward this

information to the developers of the identity provider software.

If you have any questions, please email apps-sso-support@google.com.

Tony Safoian


Logo for Google Cloud

eBook: Planning for a Multi-Cloud & Hybrid Cloud World

Learn how modern enterprises are benefiting and gaining a competitive advantage by embracing multi-cloud and hybrid cloud strategies with tips on overcoming security challenges and planning a successful multi-cloud migration.

Scroll to Top