SSO with GSuite for vault

I was wandering whether (self-hosted) vault provides an option for SSO integration so that I users can sign in using a corporate email address that is provided by Google.

IF that is the case, is there by any chance the option to map somehow vault users (or groups) to their corresponding google groups?

Yes. Take a look at the OIDC auth engine: JWT/OIDC - Auth Methods | Vault | HashiCorp Developer

1 Like

Thanks. I also came across this interesting video.
The presenter also configures namespaces.

Is their usage mandatory for the OIDC engine?

No. Namespaces are a separate feature, only available with the Enterprise edition.