The Google Workspace Connector's Outbound Provisioning functionality is built using Google’s Admin SDK, which requires an OAuth 2.0 access token for authentication. To obtain the access token, you will need to first obtain your Application Name, Client ID and Secret from Google Apps.

Important:

The Google Workspace Provisioner uses APIs provided by Google, which are subject the Terms of Service in the Google Admin SDK documentation.

Note:

API Access will need to be enabled on the Google domain in order to use the Google Workspace Provisioner for Outbound Provisioning. For information on how to enable API Access for a Google domain, see Control which third-party & internal apps access Google Workspace data in the Google documentation.

  1. Sign on to the Google Developers Console ( https://console.developers.google.com ) with a Super Administrator Google account.

    For information, see Google Developers Console in the Google documentation.

  2. Create a new project (if you don’t already have one).
  3. Set the APIs for your project by clicking Enable APIs and Services. Enable the Admin SDK for your project.
  4. Configure the Consent Screen for your project.
    Tip:

    The Consent Screen is the screen admins will see when obtaining their Access and Refresh tokens in another step.

    1. Set the Product Name and make note of this value as it is required for the APPLICATION_NAME.
    2. Set the other fields as required by your organization.
  5. Generate Credentials for your project by doing the following:
    1. Create a new OAuth 2.0 Client ID for a Web Application type application.
    2. Set the Authorized Redirect URI field to:
      https://oauth.pingone.com/ocs/ppm/rest/v1/oauth/oastempcredresponse/
  6. Finish by saving or creating the Client ID.
  7. Make note of the Client ID and Client Secret that you just created.