Hello @Ladislav Čapka,
Thank you for posting your query on Microsoft Q&A.
Based on your description, it seems you are trying to federate your domain with Google IDP by running a PowerShell command. I hope you are referring to the following documents:
Configure Microsoft Entra ID as a Service Provider (SP) for Google Workspace
Set up single sign-on (SSO) between Google Workspace and Office
Regarding the error: New-MgDomainFederationConfiguration_CreateExpanded: Resource already exists. Status: 409 (Conflict) ErrorCode: Request_MultipleObjectsWithSameKeyValue,
The error Request_MultipleObjectsWithSameKeyValue
typically indicates that the IssuerURI provided in the command is already in use, either in another domain within your tenant or in a different tenant. IssuerURIs must be globally unique.
The IssuerID is the identifier set by the Identity Provider (Google in this case) in the token passed to Entra. Entra uses this IssuerID to locate the tenant-domain and retrieve the signing certificates required for signature validation. To address this, you will need to modify the Identity Provider's configuration to issue a custom IssuerID. Check with Google to generate a custom IssuerID. After making this adjustment to the IssuerURI, you should be able to proceed with the federation.
If your domain status is currently set to Federated, you can convert it to Managed using the following PowerShell commands:
Connect-MGGraph -Scopes "Domain.ReadWrite.All", "Directory.AccessAsUser.All"
Update-MgDomain -DomainId <domain name> -AuthenticationType "Managed"
Get-MgDomain -DomainId yourdomain.com
For detailed steps, refer to this document: Migrate from Federation to Cloud Authentication.
Once the domain is in a Managed state, re-run the PowerShell command with a unique IssuerID and monitor the results. If the issue persists or you encounter additional errors, feel free to share the details for further assistance.
I hope this information is helpful. Please feel free to reach out if you have any further questions.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Thanks,
Raja Pothuraju.