Skip to main content
All CollectionsSalto for other applications
Salto for Google Workspace - Overview
Salto for Google Workspace - Overview
Support avatar
Written by Support
Updated over 3 months ago

Learn how to manage your Google Workspace configuration with Salto

Salto's Google Workspace adapter allows you to:

  • Fetch and deploy common Google Workspace configuration data, such as groups configuration & Roles

  • Compare Google Workspace environments

  • Document configuration changes such as template modifications

  • Monitor specific changes of interest, e.g., changes in Role and Groups permission

  • Back Up & Restore Google Workspace configuration

Supported Types

  • Roles

    • Include permissions

  • Groups

    • Include groups members and group labels

  • Role assignments

  • Domains

  • Templates

  • OrgUnits

  • Schemas (User custom fields)

  • Resources

    • Includes Buildings, Rooms and Features

Connect your Google Workspace account

To connect Google Workspace to Salto, you must utilize OAuth for authentication. Here’s a step-by-step guide to help you through the process:

Configure your account

First you need to enable the necessary APIs, create authorization credentials and adjust your reauthentication policy.
Ensure the OAuth consent screen you're creating is set to Internal. Otherwise, you'll have to re-login every week.

Enable required APIs:

  1. Go to API & Services in your cloud console (click here).

  2. Under Enable API & services, enable the following APIs:

    • Admin SDK API

    • Groups Settings API

    • Cloud Identity API

Create authorization credentials

In your Google Workspace account:

  1. Navigate to the Credentials page.

  2. Click Create credentials -> OAuth client ID.

  3. Select the Web application application type.

  4. Complete the form and click Create.

  5. Copy the Client ID and Client Secret.

Adjust your reauthentication policy

  1. Go to your security settings.

  2. Now you have 2 options, the first one is more permissive:

    1. Check the 'Never require authentication' checkbox and click OVERRIDE.

    2. Set your account to never require authentication for a specific app only:

      1. Under Require reauthentication section, check the Exempt Trusted apps checkbox and click OVERRIDE.

      2. Go to the Apps Access Control page.

      3. Click Add app -> OAuth App Name Or Client ID.

      4. Paste the client ID of the OAuth app you copied in the the in the previous section and click search.

      5. Select the app and check the relevant OAuth Client ID checkbox.

      6. Continue with the default scope.

      7. Under Access to Google Data check the Trusted checkbox and continue.

      8. View your configuration and click Finish.

Connect with Salto

Now, you can connect your Google Workspace account within Salto:

  1. To access the application connection screen, navigate to the environment's settings tab and select the 'Application Connections' section.

  2. In the 'Application Connections' screen, click on 'Connect an application' and choose Google Workspace.

  3. Provide the Client ID and Client Secret you obtained earlier.

  4. Proceed to the consent screens.

Did this answer your question?