We currently protect GCP for all of our users.
Over the last few months, 4-5 users have been locked out due to GCP push requests popping up on their phones. They are not explicitly requesting these. The odd thing is that they come up exactly every 5 minutes until they are either locked out or they clear their browser cache (seems to only happen on Chrome). I know that these users don’t actually need access to GCP but are using other Google services like Youtube, gmail, etc.
I’ve posted this in the Google Cloud user groups and they suggest it might be something to do with a refresh token.
I’m just wondering if anyone else has come across this? Also, if I choose to protect GCP for only the users who do in fact use GCP, what behavior can I expect for my other users when they go to login to Youtube, gmail, etc.?
Any advice would be appreciated!