Set up Google User Repository Integration in Google Workplace

  • Updated on Jun 6, 2024
  • Published on Jun 6, 2024
Prev Next

Follow these steps to set up the Google User Repository Integration in your organization’s Google Workplace

Step 1

Create a Google Project

To create a Google Project:

  1. Click New Project

  2. Choose a Project Name

  3. Set the domain and location

Step 2

Set up credentials

To set up your Project’s Credentials:

  1. Go to API & Services > Credentials (tab)

  2. Click Configure Consent Screen.

  3. Select Internal for User Type

  4. Click Create

  5. Enter the app name (name of application), user support email for users to contact with questions, and developer contact information

  6. Click Save and continue

  7. Click Add or remove scopes

Step 3

Add scopes

To add scopes manually:

  1. In the Manually add scopes field, add:

https://www.googleapis.com/auth/admin.directory.user.readonly
https://www.googleapis.com/auth/admin.directory.group.readonly
https://www.googleapis.com/auth/admin.directory.group.member.readonly

  1. Click Update

  2. Click Save and continue

Step 4

Create Credentials

To create credentials:

  1. Click on the Credentials tab in the sidebar menu

  2. Click Create Credential

  3. Select Service account

Step 5

Create Service Account

To create the Service Account:

  1. Fill in the Service Account name

  2. Click Create and continue

  3. Leave Grant this service account access to project empty

  4. Leave Grant users access to this service account empty

  5. Click Done

Step 6

Add Service Account Key

To add the Service Account Key:

  1. Go back to the Credentials tab in the sidebar menu

  2. Click the Key tab

  3. Click Add Key

  4. Select Create new key

  5. Select .JSON

  6. Click Create

  7. Save the .JSON file in your local drive, so that you can upload it to SysAid later on

Step 7

Enable the API and Services

To enable the API and Services

  1. Click Enable APIs and Services

  2. Enable Admin SDK API

  3. Open the JSON file

  4. Copy the “client_email” value (to be used in Step 10)

Step 8

Assign Admin Roles

To assign Admin Roles:

  1. Go to https://admin.google.com/

  2. Expand the Account dropdown item in the sidebar menu

  3. Select Admin roles

  4. Select Services Admin

  5. Click Admin

Step 9

Assign User Management Role

Select User Management Admin

Step 10

Assign Service Accounts

  1. Enter “client_email” value that you copied in Step 7

(Add the “client_email” value for the Groups Admin rule)

  1. Click Close