Identity Provider for specific groups

Hi there

I’ve setup Google as an Identity Provider, but I only want it available to certain groups in my account. Since using a Google account counts as self-registration, I only want certain groups to be able to register on their own.

I noticed this thread has a screenshot of modifying groups for google IdP, but I can’t track that screen down. Is this possible? I figured it would be under my application sign-on settings, like multifactor, but it’s not there.


I think you could use the user matches rule in the IdP discovery config (feature flag needs to be enabled by support to see this Routing Rules tab):

The screenshot if from the assignment groups of the IdP configuration (

Group Assignment Option 2: Assign to specific groups

Assign each user to the group(s) listed in the Specific Groups field. You must enter one or more groups in the field.

User-added image