Skip to main content


 

 

druva_logo.pngDruva
|
Documentation

How can we help you?

Trending articles:

 

Druva Documentation

Druva utility to integrate inSync and Google

  1. Last updated
  2. Save as PDF
Heads up!

We've transitioned to a new documentation portal to serve you better. Access the latest content by clicking here.

  

Overview

With Single Sign-On implementation, it is important that the SSO application on IdP side provides the SSO Token during each user authentication. With Google as IdP, the SSO Token applies to each user. To automate this process, Druva has created a utility that helps in integrating Druva inSync with Google Workspace SSO.

This utility helps in integrating Druva inSync with Google Workspace SSO. This is a command line utility labeled inSync-Google-integration.exe and you must run it from Windows command prompt. It uses Google administrator API to insert inSync-specific schema in Google Workspace user.

This utility runs for those users who do not have inSync-specific schema and are not Google administrators by default.

You can download the utility from:

https://cloud.druva.com/home/link/br...brnC_y1WtYo%3D

Prerequisites

The prerequisites from Google that permit Admin API access are as follows:

  1. Google needs to create an IAM service account to allow access to the Admin SDK API.
  2. Scope of the particular API must be defined. For the API called in this utility, define the following scope:

    'https: //www.googleapis.com/auth/admin.directory.user',
    'https: //www.googleapis.com/auth/admin.directory.userschema'
     
  3. IAM service account key file must be saved in JSON format.
  4. IAM service account must have Google Workspace Domain-wide Delegation.
  5. Authorize the client ID for the above scopes.

Detailed steps for making sure that the above prerequisites are satisfied are available in the following KB articles by Google :

Sample utility usage

Sample usage

<usage: inSync-Google-integration.exe: use -h for help>

Options:  

--version                                                 show program's version number and exit
  -h, --help                                   show this help message and exit
  --googleadmin=ADMIN           Email of Google Apps Administrator
 --keypath=PATH         Path to Service Account's json keyfile
 --token=SSOTOKEN                   SSO token from inSync Web UI
 --all                                     Run for All Users
  
inSync-Google-integration.exe --keypath=DruvaSSO-45345345345.json --token="89-d88a95777e3b8fae07e619af503d7109323f7353041e620fddf4fb6e20751a08" --googleadmin="jondove@example.me"

To enforce the schema update for all users including Admins use '--all' option.

Log location

The utility logs are saved in a local directory (Google_SSO_<date>.log) from where the utility script is running.

Please contact Druva Support (support@druva.com) for further details or help with above steps.