Introduction
In today's enterprise environments, managing secure access to critical services like file transfer platforms must balance convenience, security, and scalability. To meet these demands, SFTPPlus MFT offers seamless integration with Google Identity to implement Single Sign-On (SSO) - not only for end-user file transfer operations but also for administrative access to your MFT solution deployment on top of the Google Cloud Platform (GCP).
This article explores how SFTPPlus leverages Google Identity to enhance authentication, simplify user management, and maintain compliance in modern IT infrastructures.
Benefits of SFTPPlus and Google Identity Integration:
- Enhanced Security Strong authentication, token-based access control, and MFA support.
- Operational Efficiency Single set of credentials for all users and administrators.
- Simplified Compliance Easier enforcement of security policies and audit trails.
- Scalability Integration supports both small teams and large enterprise deployments.
Why Use Google Identity for SSO with SFTPPlus MFT?
Google Identity is the identity management service provided by the Google Cloud Platform that enables organizations to centralize authentication across multiple applications and services. Integrating Google Identity with SFTPPlus MFT brings several advantages:
- Unified access management across file transfer and administrative portals.
- Reduced password fatigue by using existing Google Workspace credentials.
- Stronger security with multi-factor authentication (MFA) and standardized OAuth 2.0-based token exchanges.
- Simplified onboarding and offboarding through centralized user provisioning.
By connecting SFTPPlus MFT to Google Identity, organizations can streamline operations and strengthen the security of their file transfer servers.
Single sign-on for users and administrators
SSO for File Transfer Operations
SFTPPlus offers HTTPS based file transfer interfaces that can be protected via external authentication mechanisms like Google Identity.
Users access the HTTPS file transfer server using their Google Workspace accounts.
Authentication is handled through the OAuth 2.0 protocol, with SFTPPlus validating user identity using OpenID Connect (OIDC) tokens.
File transfer sessions are securely established only after the user's identity has been verified by Google and SFTPPlus access rules have been applied based on user's groups membership.
This integration enables end users to securely upload, download, and manage files without managing separate login credentials, reducing friction and improving usability across the organization.
SSO for Administrative Operations
Beyond user file transfers, securing administrative access is critical to protecting sensitive system configurations and audit data.
SFTPPlus MFT also allows administrative users to authenticate through Google Identity.
The administrative portal (web-based UI) can be protected using OAuth 2.0 and SSO.
Admin users are granted roles and permissions based on their Google Identity group memberships.
Access control policies can be enforced consistently across all your services, not only the FTP or SFTP servers.
How the Integration Works
You can check our documentation page dedicated to Google Identity for a detailed technical description on how to integrate SFTPPlus MFT and Google Identity.
Google Identity integration is available in SFTPPlus since version 5.12.0, released in April 2025.
In this article, we provide a high level description of the process of integrating SFTPPlus MFT with Google Identity for SSO:
- Create the Google Identity authentication method inside SFTPPlus product. This will get you the Google Identity unique ID used by SFTPPlus.
- Create the SFTPPlus MFT integration inside your Google Cloud project. This will get you the SFTPPlus unique ID and secret used by Google Cloud.
- Configure Google Cloud with the authorized redirect URIs based on the URL used to deploy your SFTPPlus MFT server
- OAuth 2.0 Authorization Flow. Users are redirected to Google’s authentication service when trying to access SFTPPlus resources.
- Access Granting. Based on configured rules, SFTPPlus grants access to file transfer or administrative functionalities depending on the authenticated user's group membership.
This architecture ensures that user credentials are never directly handled by SFTPPlus, maintaining a strong separation between the authentication provider (Google Identity) and the service (SFTPPlus MFT).
Conclusion
Integrating Google Identity for Single Sign-On with SFTPPlus MFT transforms file transfer and administration into a secure, streamlined, and scalable operation. Organizations can leverage familiar Google Workspace credentials to grant secure access to users and administrators alike, ensuring critical file transfer systems remain protected without adding unnecessary complexity.
If you are ready to modernize your authentication process and enhance security across your file transfer operations, SFTPPlus MFT makes the transition simple, efficient, and future-ready.
Support is provided for legacy authentication methods and you can operate SFTPPlus MFT in a hybrid environment with both Google Workspace credentials as well as with your other non-Google credentials, for example Active Directory or independent application users.
Get Expert Help Setting Up Single-Sign On
The SFTPPlus MFT Support Team is available to assist organizations with consulting and hands-on setup for secure file transfer integrations with Google Identity. Our experts can guide you through the entire process - from initial planning and configuration to advanced customization and security hardening.
Whether you need help deploying Single Sign-On (SSO) for user authentication or aligning your integration with internal compliance requirements, our team offers tailored support to fit your specific operational and security needs.
👉 Contact the SFTPPlus MFT Support Team - we're ready to help you design and implement a secure, efficient solution tailored to your needs.