Google Workspace SSO 403 oidc_generic_domain_not_allowed Error

zbys
Community Member
edited September 6 in Business and Teams

We recently enabled sign in with Google for 1Password, and have had a number of staff successfully switch over.

However, one of our remote users has recently reported that he gets an error: "Check that you are logged into your business domain rather than the generic 'my' domain."

ServerError: 403 (oidc_generic_domain_not_allowed)

We are 12 hours apart in time zones, so troubleshooting this has been slow as it's hard to align our time. Does anyone know what could be causing this issue? I have created a test user account and confirmed that with a normal process this should work fine, so I presume it's something that this user is doing differently.

Kind regards,
-Z



Comments

  • @zbys

    This error means that they are likely attempting to log in using http://my.1password.com/ instead of the unique (custom) domain your company has configured for your 1Password account.

  • zbys
    Community Member

    Thanks @ag_tommy - that was indeed the issue. I find it a bit unusual that 1Password doesn't forward users to the correct domain when attempting to log in with a corporate email, which seems fairly common practice.

  • @zbys

    Perhaps in the future that may be something the team can look into. Thank you for the suggestion.