In addition, Google Apps can now become an identity hub for multiple SaaS providers, simplifying identity management for organizations. For example, when integrated with partner solutions such as PingConnect from Ping Identity, the Google Open ID Federated Login API enables a single Google Apps login to help provide secure access to services like Salesforce.com, SuccessFactors, and WebEX — as well as B2B partners, internal applications, and of course consumer web sites. See Ping Identity's post to learn more about their implementation and view the demo.
The user types in his Google Apps email address. The user never gives away his Google Apps Account password to Manymoon.
Once approved, the user is redirected to Manymoon and is signed in and ready to work with selected accounts.
You can find more details in our API and Discovery documentation, or join the discussions in the Google Federated Login API Group, where you can ask any question and get answers from other Identity Providers, Relying Parties and Google engineers.
The OpenID Federated Login Service is available for all Google Apps editions. However, it is disabled by default for the Premier and Education editions, and it requires the domain administrator to manually enable it from the Control Panel. We've enabled the service for our employees here at Google, and domain administrators — you can also enable it for your domain.