Status
Google Apps Connector for midPoint is based on ForgeRock's OpenICF connector released in December 2015 with addition of some unique fixes and updates.
TODO
Overview
Google Apps is a software-as-a-service platform (SAAS) that provides email, calendar, documents and other services. This connector uses the Google Apps provisioning APIs to create, add, delete and modify user accounts and email aliases.
Please note that only the Premium (paid) or Educational versions of Google Apps provide access to the provisioning APIs. This connector will not work on free Google Apps domains.
More information on Google Apps can be found here.
Supported Operations
The Google Apps connector supports the following operations:
- Authentication
- Create
- Delete
- Get
- Schema
- ScriptOnConnector
- Search
- Sync
- Test
- Update
- Validate
Configuration
The following table lists all the configuration properties you can specify when setting up the Google Apps connector:
Configuration Property | Required | Type | Default Value | Description |
|---|---|---|---|---|
| domain | X | String | Internet domain name. Seehttps://support.google.com/a/answer/177483?hl=en | |
| clientId | X | String | Client identifier issued to the client during the registration process. | |
| clientSecret | X | GuardedString | Client secret issued to the client during the registration process. | |
| refreshToken | X | GuardedString | The refresh token allows you to get a new access token that is good for another hour. Refresh tokens never expire, they can only be revoked by the user or programatically by your app. | |
| skuid | String | Stock Keeping Units (SKU) ID. For more information see https://developers.google.com/admin-sdk/licensing/v1/how-tos/products | ||
| autoaddlic | Boolean | False | Automatically add license to user after create | |
| productid | X | String | Product ID. For more information see https://developers.google.com/admin-sdk/licensing/v1/how-tos/products |
Getting started
Download and build the project with usual:
mvn clean install
Now you need to obtain credential codes for Google API. Log in to Google API Manager with your Google admin account.
Make sure API access is enabled and credentials created. Retrieve credentials JSON by click on the icon as follows:
Open JSON file and make note of following properties:
client_id":"XXXX434004-XXXu8jrm1iqp3clirelba480qXXX.apps.googleusercontent.com
client_secret":"48zv5mfYZZZZw3QTcb8RBXXX"
In order to authenticate with Google you will also need refreshToken. To retrieve it, go to your connector-googleapps java project, run the main and confirm requested action in your web browser.
connector-googleapps> mvn exec:java -Dexec.mainClass="com.evolveum.polygon.connector.googleapps.Main" ------------------------------------------------------------------------------------------- Generate credentials for GoogleApps Connector ------------------------------------------------------------------------------------------- You have to created and registered App in Google API and Google API enabled. Add these credentials into configuration fields in Google Apps Connector. See readme.txt. ------------------------------------------------------------------------------------------- Enter Client ID: <censored> Enter Client Secret: <censored> Please open the following address in your browser: https://accounts.google.com/o/oauth2/auth?<censored> Generated credentials: { "clientId" : "<censored>", "clientSecret" : "<censored>", "refreshToken" : "<censored>" }You now have all the information you need to configure the connector resource in the midPoint.