Integrating Google with Authomize
Integration with Google provides visibility about your organization’s identities and assets and their access across all of your Google stack, such as your cloud resources in GCP, your data in Google Drive, and your identities and their connected applications in your Google Admin Directory.
Google integration workflow
Installation
Start in Authomize
- Log into Authomize
- Go to Settings/Data Sources and click Google Admin Directory.
- Alternatively, click Add New App and then select the Google Admin Directory.
This opens the Update Google Cloud Platform Integration dialog.
- In the Integrate Google Cloud Platform dialog:
Step 1. Click Go to Google store.
This open’s Google’s Marketplace (to the Authomize page).
Continue in Google Marketplace
- On the Authomize page in GCP Marketplace (gsuite.google.com/u/0/marketplace/app/authomize/923330393623)
click Admin Install.
If you agree to installing Authomize across your Google Workspace, click Continue.
- At this point, a list of all the permissions needed by Authomize for the integration are displayed.
To continue, click the agree checkbox and then click FINISH.
Note: You can use GCP to limit these further.
- If, at this point, you go to Google Apps (
), you will see that Authomize was installed.
|
Return to Authomize GCP Integration page
- Fill in the remaining steps with info from GCP.
Step 2. Enter GSuite admin email address and Organization ID.
You can find your Customer ID at: admin.google.com/u/1/ac/accountsettings
Step 3. Check/uncheck the Allow Authorize to update access policies.
Step 4. Enter a name for this integration
Step 5. Enter an integration owner’s email.
Click Integrate.
5. Integration will continue in the background. You can come back to check progress.at any time
When Google is integrated you will see three entries in your Connected Apps list.
What data is collected
Google Admin Directory
- User Data
- User name
- User admin roles
- Last login
- User Groups
- Group name
- Group member name
Google Cloud Platform
- Cloud Assets
- GCP Account
- Server Names
Google Drive
- Personal drives
- Shared drive
- Files/Folders permissions
- Who has access to them
Google Calendar
- Personal calendar names
- Shared calendar names
- Who can see calendars
Enabling Google APIs
You’ll need to enable Google APIs for your project, as Authomize needs the APIs. To do this:
- Go to console.cloud.google.com
- Click the API & Services button, and then go to the API Library.
|
- Search for one of the APIs you will need.
- Click on it and Enable it.
- If you succeeded, you will see this:
- Repeat these steps for those services that you want Authomize to fetch data from, such as: