To configure a Google Workspace user sync with Kantega SSO Enterprise, you will first have to create a service account, assign the account privileges, then create an impersonation account for the service account and a role for reading users and groups. Follow the steps described below to prepare your Google Workspace for integrating with a Kantega SSO Connector directory. When these steps are finished, you can go to Kantega SSO and paste the values needed.
Start setup in Kantega SSO Enterprise
To add a Workspace Connector/ User Directory in an Atlassian product, navigate to Kantega SSO Enterprise > Cloud user provisioning. Then add a Google Workspace connector.
...
Let’s go to Google to get the setup needed!
Configure Google workspace
Status | ||||
---|---|---|---|---|
|
Set up service account in Google Cloud
...
You do not need to set a password.
Click ADD NEW USER
...
Cut & paste Copy the account username into the "Admin account address" and make a note of it as it email address (e.g. jira-read@yourdomain.com) for later use. It will be needed again later in Kantega SSO.
...
Search for the impersonation account you created earlier. We have chosen to call the account in this example jira-dev-read. Click ASSIGN ROLE.
...
Complete the setup in Kantega SSO Enterprise
Go back to your Atlassian product and to the form you started in the beginning (If you closed that, just start a new one under Kantega SSO Enterprise > Cloud user provisioning, and clicking add provider > Google Workspace).
Paste the values obtained during the setup in Google.:
...
You can then add the user directory (which will act like a normal Crowd directory) and start the sync. Once the Crowd user directory has been created, you can view users, groups and group memberships retrieved from Google Workspace.
...
Check “Use nested groups” if you use nested groups in Google Workspace.
...