Overview
Google Apps is a software-as-a-service platform (SAAS) that provides email, calendar, documents and other services. This connector uses the Google Apps provisioning APIs to create, add, delete and modify user accounts and email aliases.
Please note that only the Premium (paid) or Educational versions of Google Apps provide access to the provisioning APIs. This connector will not work on free Google Apps domains.
More information on Google Apps can be found here.
Installation
To install the Google Apps connector, add the bundle JAR file to a directory on your disk. If your application has a dedicated directory for connector bundles, put the file in that directory. For example, Apache Syncope looks for connector bundles in the configured bundles directory.
Supported Operations
The Google Apps connector supports the following operations:
Configuration
Configuration Property | Required | Type | Default Value | Description |
---|---|---|---|---|
domain | X | String | Internet domain name. See https://support.google.com/a/answer/177483?hl=en | |
clientId | X | String | Client identifier issued to the client during the registration process. | |
clientSecret | X | GuardedString | Client secret issued to the client during the registration process. | |
refreshToken | X | GuardedString | The refresh token allows you to get a new access token that is good for another hour. Refresh tokens never expire, they can only be revoked by the user or programatically by your app. |
Obtaining the configuration parameter values
- Log in to your Google Apps Admin Console (at https://www.google.com/a/domain-name) and verify that Security > Enable API access is checked.
For more information on these APIs, navigate to the Google Developers interface, and search for these APIs. In the OAuth 2.0 application of choice (at https://console.developers.google.com), create credential of type
OAuth Client Id / Other
, then download the relatedclient_secrets.json
file.Download the Google Apps connector bundle
Change to the directory where you have downloaded the bundle and run the following command on the
client_secrets.json
file that you obtained earlier in this procedure:$ jar xvf net.tirasa.connid.bundles.googleapps-1.4.0.jar $ java -jar net.tirasa.connid.bundles.googleapps-1.4.0.jar /path/to/client_secrets.json Please open the following address in your browser: https://accounts.google.com/o/oauth2/auth? access_type=offline ...
This command opens the default browser, and loads a screen on which you authorize consent to access the Google Apps account.
Tip
If you have recently created your Google Apps account, it might take some time (often two hours or more) to synchronize the data required for this access request to work. For additional information, refer to the Google documentation noted earlier.
When you have authorized consent, the browser returns a code. Copy and paste the code into the terminal from which you ran the original command.
$ Attempting to open that address in the default browser now... Please enter code: XXXXXXXX
A response similar to the following is returned:
{ "clientId" : "5x4x3x4x0x8x-cxlx3xsxcx8xixlxmx3x0xrxgx7x6x3x.apps.googleusercontent.com", "clientSecret" : "0xhx9xrx8xdxqx9xDxjxUx3x", "refreshToken" : "1x7xmxfx_yxuxNxUxFxjxVxVxkxXx3XxHxMxYxzx5xcxI" }
You can now use the information above to populate the configuration properties as reported above.