I am integrating Google G Suite SAML/SSO into our company web application. I have set up all necessary fields in our G Suite admin account, as well as in our service provider code.
Here are the cases where the login works great when attempting to access our web app:
Not logged into any Google accounts: Redirects me to Google "Choose an account" page. I log into my company account, and I am redirected to my application.
Logged into both my company Google account and my personal Google account (in the same browser): Redirects me to Google "Choose an account" page. I choose my company account, and I am redirected to my application.
This is the case where the login behaves less than ideal:
This is a common scenario and could be quite irritating if this SSO implementation is delivered like this. Ideally, in this scenario, I would like the user to be shown the "Choose an account" page, instead of this 403 error page. Even a nicer message would be better.
I have spent quite a while looking for any setting that I am missing in my G Suite admin account, as well as any additional parameters I can send in the authentication request, because I don't want my users to ever see this error page and wonder what is going on.
Has anyone run into this situation before? Any help is appreciated.
Recently, I faced the same issue. I have a Node application that uses G Suite as an identity provider (SSO connection). The app was well configured, but every time I tried to connect to my app I had this famous error app_not_configured_for_user.
So, the problem in my case was the HTTP, and I solved it by transforming my Node application from using HTTP to using the HTTPS protocol, and I changed my callback address from http://my-domain:3000/login/callback to https://my-domain:3000/login/callback.
I hope this will be helpful.
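An added example (not part of the answer above and not any project's own code): a Node.js check that decodes the SAMLRequest an application sends and compares its AssertionConsumerServiceURL with the ACS URL registered at the identity provider, flagging the http/https mismatch the answer describes. The function names and the sample AuthnRequest are constructed for illustration, and it assumes the app puts the callback URL in the request and uses the HTTP-Redirect binding.

```javascript
// Added example: function names and the sample request are constructed.
const zlib = require("node:zlib");

// Decode a SAMLRequest value (HTTP-Redirect binding: base64 of raw DEFLATE).
// Pass the value after URL-decoding the query parameter.
function decodeSamlRequest(samlRequestParam) {
  const compressed = Buffer.from(samlRequestParam, "base64");
  return zlib.inflateRawSync(compressed).toString("utf8");
}

// Pull the AssertionConsumerServiceURL attribute out of the AuthnRequest XML.
function extractAcsUrl(authnRequestXml) {
  const m = /AssertionConsumerServiceURL\s*=\s*(["'])(.*?)\1/.exec(authnRequestXml);
  return m ? m[2] : null;
}

// Compare the callback URL the app sends with the ACS URL registered at the IdP.
function checkAcsUrl(samlRequestParam, registeredAcsUrl) {
  const sent = extractAcsUrl(decodeSamlRequest(samlRequestParam));
  if (!sent) {
    return { sent, problems: ["AuthnRequest has no AssertionConsumerServiceURL"] };
  }
  const problems = [];
  const a = new URL(sent);
  const b = new URL(registeredAcsUrl);
  if (a.protocol !== "https:") problems.push(`callback uses ${a.protocol}// instead of https://`);
  if (a.protocol !== b.protocol) problems.push("scheme differs from registered ACS URL");
  if (a.host !== b.host) problems.push("host or port differs from registered ACS URL");
  if (a.pathname !== b.pathname) problems.push("path differs from registered ACS URL");
  return { sent, problems };
}

// Constructed sample: build the SAMLRequest a service provider would send.
function buildSampleRequest(acsUrl) {
  const xml =
    `<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ` +
    `ID="_constructed1" Version="2.0" IssueInstant="2020-01-01T00:00:00Z" ` +
    `AssertionConsumerServiceURL="${acsUrl}"/>`;
  return zlib.deflateRawSync(Buffer.from(xml, "utf8")).toString("base64");
}

// The two callback addresses from the answer, checked against the https registration.
const REGISTERED = "https://my-domain:3000/login/callback";
console.log(checkAcsUrl(buildSampleRequest("http://my-domain:3000/login/callback"), REGISTERED));
console.log(checkAcsUrl(buildSampleRequest("https://my-domain:3000/login/callback"), REGISTERED));
```

Running the same comparison at application startup, against the configured callback URL instead of a captured request, catches the mismatch before a user ever reaches the identity provider's error page.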