Google Workspace IDP
Version: 1.1
Updated: May 21, 2025
Google Workspace Identity Platform (IDP) is a cloud-based identity management system that enables secure authentication, single sign-on (SSO), and user access control across Google services and third-party applications.
Actions
- Create User (Containment) - Adds a new user account to the domain.
- Enable User (Containment) - Reactivates a previously suspended user account.
- Suspend User (Containment) - Temporarily disables a user account.
- List All Users (Enrichment) - Retrieves a list of users in the specified domain.
- List All Groups (Enrichment) - Lists all Google Groups in the domain.
- List Group Members (Enrichment) - Lists all members of a specific group.
- Get Group (Enrichment) - Retrieves details of a specific group by group email.
- Get User (Enrichment) - Fetches detailed information about a specific user by email or user ID.
Google Workspace IDP configuration
To create service account credentials in Google Workspace and generate the JSON file needed to configure the Google Workspace IDP integration, follow these steps:
- Log in to the Google Cloud portal.
- Select a Google Cloud project (or create a new one).
- Go to the APIs & Services > Credentials page.
- Click CREATE CREDENTIALS and select Service account.
- Enter a service account name to display in the Google Cloud console. The Google Cloud console generates a service account ID based on this name.
- Optional: Enter a description of the service account.
- Skip two optional grant permissions steps and click Done to complete the service account creation.
- Click on the generated service account to open the details.
- Under the KEYS tab, click ADD KEY and choose Create new key.
- Click on CREATE (make sure JSON is selected).
- The JSON file is downloaded. Make sure you save it in a safe place.
- Enable the Admin SDK API for the project at https://console.cloud.google.com/flows/enableapi?apiid=admin.googleapis.com.
- Go to https://admin.google.com/ac/owl/domainwidedelegation to open the Domain-Wide delegation settings in the Google Admin portal
- Click on Add new.
- In the Client ID field, provide the client ID from the JSON file.
- In the OAuth scopes (comma-delimited) field, provide the following scopes:
- Click Authorize.
Configure Google Workspace IDP in Automation Service and Cloud SOAR
Before you can use this automation integration, you must configure its authentication settings so that the product you're integrating with can communicate with Sumo Logic. For general guidance, see Configure Authentication for Automation Integrations.
How to open the integration's configuration dialog
- Access App Central and install the integration. (You can configure at installation, or after installation with the following steps.)
- Go to the Integrations page.
Classic UI. In the main Sumo Logic menu, select Automation and then select Integrations in the left nav bar.
New UI. In the main Sumo Logic menu, select Automation > Integrations. You can also click the Go To... menu at the top of the screen and select Integrations. - Select the installed integration.
- Hover over the resource name and click the Edit button that appears.
In the configuration dialog, enter information from the product you're integrating with. When done, click TEST to test the configuration, and click SAVE to save the configuration.
- Label. The desired name for the resource.
- Private Key JSON. Provide the content of the JSON file generated in the previous steps. Open the file and copy-paste the whole content in the field.
- Admin User Email. The e-mail address of a Google Workspace admin user.
- Domain Name. Enter your Google Workspace domain.
- Automation Engine. Select whether to use Cloud or Bridge execution.
- Proxy Options. Select whether to use a proxy.
For information about Google Workspace IDP, see Google Workspace IDP API documentation.
Change Log
- May 21, 2025 (v1.0) - First upload
- May 21, 2025 (v1.1) - Updated google logo in integration