Import users via Google Workspace

From version 32, COYO supports synchronizing the import of users and groups from Google Workspace via the Google Workspace Admin SDK Directory API.

 

Google configuration

To use the Google Workspace user directory from COYO via the API console from Google, the following needs to be in place:

  • The admin SDK must be activated.
  • A service account must be created,
    • with domain-wide authority delegation.
    • The login data must be exported as a "service-account.json" file.
  • In the Google admin interface:
    • There must be a user with full access to users and groups, who acts as a "service account user".
    • The client (client ID) who belongs to the service account must be added under
      "Security > API management > Domain-wide delegation" with the following scope of application:
      • https://www.googleapis.com/auth/admin.directory.user.readonly
      • https://www.googleapis.com/auth/admin.directory.group.readonly
      • https://www.googleapis.com/auth/admin.directory.group.member.readonly

 

COYO configuration

Within COYO, the configuration is very similar to the LDAP protocol. Under Administration, select the tab "User directories" and select the type "Google Workspace".

The attribute for user identification is entered on the "User" tab. We recommend using the "primaryEmail" here.


Bildschirmfoto_2021-02-04_um_11.21.02.png

 

The rest of the configuration works exactly the same as you know from configuring a user synchronization, e.g. via the LDAP protocol. 

Missing something?

You feel that an article is missing? You would like to see a webinar or a video on a certain topic?

Get in touch