We want to enable guest users for a particular domain to log in with their G Suite accounts. We set up the direct federation, but invitations are not redeeming.
We can see that when the user accepts the invitation, the user is passed to G Suite, authenticated, and passed back to Azure, but then gets the message:
Invitation redemption failed
An error has occurred. Please retry again shortly.
It seems then the SAML response from G Suite to Azure is broken. Either the SAML response is malformed or Azure isn't processing the response correctly.