Thank you for your help. I figured it out after some tests with Azure SAML and Google SAML. While Azure was working instantly for Google it seems like it took a while...    When I configured the domain like you recommended in Meraki Client VPN SAML settings, it was showing up an XML file in the little AnyConnect auth window without any options. So that was not the trick, at least not for Google SAML auth.   So in the end I have done it like this (might be interesting for others who want to do the same):   In Google Workspace   New user definded SAML app Configure as follows: Enable App for OU and/or Group. I just enabled it for everybody. Important: don't choose "Signed response", I was struggling with that as well.       On Meraki side   Enable AnyConnect Configure as follows:   Configure remaining settings as needed.   When testing the app in Google with the button "TEST SAML LOGIN" it should show up the following in a new browser tab:     So, in the end this is working really nice and smooth. In my opinion it was like this in the very beginning but not working as I might did not wait long enough for Google and changed setting before one of the providers was ready to go and so I think I ended up in a loop of errors without giving the systems a change to take over properly. Or maybe it was the additional blank after the Entity ID in the Google SAML conf that it ended up in an URL mismatch.    Anyway, if there are any questions, feel free to ask. 🙂   ... View more