I'm trying to figure out what I need to do in order to achieve seamless SSO sign up.

When an administrator of a domain installs my google app, all of the users on his/her domain, should be able to sign-in through SSO without seeing any confirmation prompts. I'm looking into documentation on how to set this up:

Instead of displaying a confirmation page, your application should match the value of the openid.realm parameter in the OpenID request against the value declared in the application's manifest.

Is there an example of this? Also, I think Google stopped using XML manifest files once they switched from OpendID to OAuth 2.0. If so, how does this whitelist process work with OAuth 2.0?

Should I be utilizing Google Admin SDK?

Since google is moving away from OpenId, white listing instructions are obsolete. Found a blog post about Domain-wide delegation with Oauth 2.0. Google recommends the following:

the recommended authorization mechanism is now to use OAuth 2.0 and service accounts. Google Apps domain administrators can delegate domain-wide authority to the service account’s credentials for a set of APIs. This results in allowing the application, by using the service account’s credentials, to act on behalf of the Google Apps domain’s users.

instructions on how to set up domain wide delegation - https://developers.google.com/drive/web/delegation

you can find detailed step to achieve seamless SSO sign up at the following url

http://david-codes.blogspot.com/2014/07/how-to-provide-seamless-single-sign-on.html