2.7.13

Google Apps (Workspace) Provisioning

Google Apps is a software-as-a-service platform (SAAS) that provides email, calendar, documents and other services. This connector uses the Google Apps provisioning APIs to create, add, delete and modify user accounts and email aliases.

Note: 1. Only the Premium (paid) or Educational versions of Google Apps provide access to the provisioning APIs. 2. Connector will not work on the free Google Apps Domain

Configuration

  1. First obtain the client_secret.json file from your Google Apps instance -

    1. Log in to your Google Apps Admin Console (at https://www.google.com/a/domain-name) and verify that Security > Enable API access is checked (For more information on these APIs, navigate to the Google Developers interface, and search for these APIs).

    2. In the OAuth 2.0 application of choice (at https://console.developers.google.com), create credential of type Oauth Client ID / Other, then download the related client_secrets.json file.

Enter https://console.developers.google.com/

  1. Create New Project

  2. Click on Enabled API & Services

  3. Search for Admin SDK API

  4. Click on Admin SDK API and then click on the Enable button

  5. Once enabled, Click on CREDENTIALS tab

  6. Now click on Create Credentials

  7. And select OAuth client ID option

  8. Select Desktop app as Application type, provide a name for the OAuth 2.0 client and then click on the CREATE button

  9. A response screen is visible that shows that the "OAuth client created" It also displays Your Client ID and Your Client Secret. You may download the JSON here using the DOWNLOAD JSON option.

  10. Click on OAuth consent screen and then Click on edit app

  11. Enter the required details and Click on save and update

  1. Select Internal as User Type if you want to restrict access only to the users of your organization.

    Click on SAVE AND CONTINUE button on the Scopes screen

  2. Search for Admin SDK API and select

  3. Select for group

  4. Click on credential

  5. Download OAuth client

  6. Change to the directory where you have downloaded the bundle and run the following command on the client_secrets.json file that you obtained earlier in this procedure:

$ jar xvf net.tirasa.connid.bundles.googleapps-1.4.3-SNAPSHOT.jar
$ java -jar net.tirasa.connid.bundles.googleapps-1.4.3-SNAPSHOT.jar /path/to/client_secrets.json
Please open the following address in your browser: ?
access_type=offline ...

This command opens the default browser, and loads a screen on which you authorize consent to access the Google Apps account.

When you have authorized consent, the browser returns a code. Copy and paste the code into the terminal from which you ran the original command

Attempting to open that address in the default browser now... 
Please enter code: XXXXXXXX

A response similar to the following is returned.

Once the above information is obtained we need to configure the Google App in Cymmetri with Server Configuration and User Configuration as shown below: