Extended Connector Integration for Google Workspace User Groups

Let Oomnitza be your single source of truth!

You'll get complete visibility of your user groups as data from Google Workspace is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and Google Workspace in minutes

Get the information and insights that you need to reduce costs and the time that you spend on administration tasks such as:

  • Configurable dashboards and list views of key user group information
  • Configurable reports to share information about your user groups with your colleagues and management
  • Configurable workflows that you can easily create such as:
    • Workflows for resetting passwords
    • Workflows for deactivating and deleting users
    • Workflows for suspending, unsuspending, and signing out users
    • Workflows for turning off 2-step verification

Before you start

Best practice
For the integration with Oomnitza, create a dedicated user account.

To stream data about user groups in Google Workspace to Oomnitza, you must add your OAuth 2.0 credentials to the vault in Oomnitza.

blue_link.svg Using OAuth 2.0 to access Google APIs

blue_link.svg Using OAuth 2.0 for web server applications

To add your credentials in Oomnitza, you'll need the following information:

  • Client ID
  • Client secret
  • Scope

Tip
Don't forget to keep a copy of your client secret.

Add credentials to the vault in Oomnitza

To authorize connections between Oomnitza and Google Workspace, complete these steps:

  1. Log into Oomnitza.
  2. Click Settings > Credentials, and then click Add new credential (+).
  3. Add the information details.
  4. Click the AUTHORIZATION tab.
  5. From the Authorization Type list, select OAuth 2.0.
  6. From the SaaS list, select Google.
  7. Enter your client ID.
  8. Enter your client secret.
  9. Enter the scope or set of permissions. You can enter multiple scopes separated by blank spaces. The scope for user groups should include the following:
    • For read only access:
      https://www.googleapis.com/auth/admin.directory.group.readonly
    • To view and manage the provisioning of groups for your domain:
      https://www.googleapis.com/auth/admin.directory.group
    • To view and manage group subscriptions for your domain:
      https://www.googleapis.com/auth/admin.directory.group.member
      blue_link.svg For more information see Google scopes.
  10. Click Authenticate
  11. Click CREATE

You use the credentials that you added to create and customize your integrations with Oomnitza.

Info and connect details

  1. From the menu, click Settings.
  2. On the Integrations page, scroll down to the Extended section for User Integrations.
  3. Click NEW INTEGRATION.
  4. In the New User Integration sidebar, click Google Workspace (G Suite).
  5. To integrate Oomnitza with the Google Workspace User Group Load, click APPLY and then click NEXT twice.

Connect page

Best practice
To ensure that only live user records are streamed from Google Workspace to Oomnitza, choose Update only as your integration preference. When you run the integration, you can check the error logs to see which user records weren't uploaded and why they weren't uploaded. You can then decide whether to upload the user records that were skipped by changing your integration preference to create and upload. See Access error logs.

  1. Enter a descriptive name for the integration such as Google Workspace User Groups. That'll be the name of the user integration tile that is shown on the Integrations page.
  2. From the User Selection list, select User plus SaaS User.
  3. From the installation type list, select Cloud.
  4. From the Credentials list, select the credentials from the Oomnitza vault.
  5. From the Integration Preferences list, select Update only.   
  6. Enter the name of the user of the integration.
  7. Click Next.

Mappings

Map the Google Workspace fields to Oomnitza fields and create custom mappings to get the user group  information that you need.

Standard Google Workspace to Oomnitza mappings

The following fields can be mapped to Oomnitza: 

Admin created?
Connector Sync Time
Description
Email
Etag
Full Name
ID
Kind
Number of members

Before you click NEXT, complete these action:

    • Choose a user role, such as the Employee role.
    • Create a sync key such as Email.

Want to map more Google Workspace fields to Oomnitza?
Contact Support, or see Mapping extended connectors.

Schedule

By default, Google Workspace user data is streamed to Oomnitza once every day.

You can configure the schedule to meet your needs such as changing the interval or changing the time so that the data is streamed when your system isn't busy.

      1. Configure your schedule.
      2. Click FINISH.

Result

A new tile is created for the integration on the Integrations page. 

What to do next

If you want to see what information is collected now, click the tile on the Integrations page and click RUN.

edit-integration.svg

Figure: Mock-up for illustration purposes

If you want to change the integration settings, you can click a navigation link on the page, such as 4 Mappings, and edit the settings. 

Next

To reduce costs by automating repetitive and complex tasks, take advantage of the built-in presets.

Use API presets to create user workflows

Complete these steps:

      1. Click Software > Workflow > SaaS user Role.
      2. Click Add (+). A Begin and End block is automatically added to the workspace.
      3. Enter a name and description. 
      4. Click the Blocks tab.
      5. In the Integrations section, drag and drop the API block into the workspace.
      6. Click Edit on the API block.
      7. Enter Google to search for the presets.
      8. Select a preset:
        • Google Workspace Add email forwarding recipient
        • Google Workspace Enable email forwarding for user
        • Google Workspace Set email auto-reply for user
        • Google Workspace Turn off 2-step verification for user
        • Google Workspace Reset Password for User
        • Google Workspace Sign Out User
        • Google Workspace Suspend User
        • Google Workspace Unsuspend User
        • Google Workspace Delete User
      9. Configure and save your changes. 
      10. Edit the Begin block to schedule and trigger the workflow.
      11. Connect the blocks.
      12. Validate, launch, and save your workflow.

Use the SaaS User Role Retrieval Role preset

Complete these steps:

      1. Click Software > Workflow > SaaS user Role.
      2. Click Add (+). A Begin and End block is automatically added to the workspace.
      3. Enter a name and description. 
      4. Click the Blocks tab.
      5. In the Integrations section, drag and drop the SaaS User Role retrieval block into the workspace.
      6. Click Edit on the block.
      7. Enter Googleto search for the presets.
      8. Select the Google Workspace User Role and click the right arrow.
      9. Click SAVE
      10. Connect the blocks.
      11. Validate, launch, and save your workflow.

Result

Depending on the schedule and rules that you configured in the Begin block,  all of the users that aren't found, or were deleted, or deactivated in Google Workspace are deactivated in Oomnitza.

blue_link.svg Understanding Workflows

Configure URL to User Group in Google Workspace

To configure the link for the User Detail's popup screen to show information about a specific user group in Google Workspace, use the following URL. You replace the highlighted part of the URL with the ID of the user group.

https://admin.google.com/ac/groups/ {{google_usergroup_id}}

Unleash the power of Oomnitza

To get valuable actionable insights that help you manage your assets and users, learn how to:

      • Configure dashboards for your assets
      • Configure custom reports
      • Configure workflows for automating complex and repetitive tasks

blue_link.svg See Getting started

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk