User & Directory Sync
      Back to home
      1. Help Center
      2. Receive
      3. User & Directory Sync

      How to enable Google Workspace Directory Sync?

      This is a step-by-step guide for Google Workspace Sync Directory Integration Process.

      • You must already have configured SSO in PackageX Receive
      • For directory integration, you must have an active Google Cloud Platform
        account. 
      • Login to Google Cloud Platform: https://console.cloud.google.com/

      • Create a new Project. You can make this as part of an Organization if your
        GCP is configured that way. You can choose either of the places to create a
        new project which are marked in red below.

        Untitled

      • You can name the project e.g. PackageX Receive. Select the other options
        and click Create. Wait for the project to be created. 

        Untitled 1

      • From the navigation menu, choose IAM & Admin -> Service Accounts.

        Untitled 2
      • Click CREATE SERVICE ACCOUNT. 

        Untitled 3
      • Enter a service account name e.g. packagex-receive. You may optionally
        enter a description. Click CREATE AND CONTINUE.

        Untitled 4
      • Do not grant any role to this service account. Click CONTINUE.

        Untitled 5

      • Do not enter anything in the 3rd prompt and click DONE.

        Untitled 6
      • Click Actions -> Manage Keys.

        Untitled 7
      • Click ADD KEY -> Create new key.

        Untitled 8

      • Select JSON and click CREATE.

        Untitled 9
      • You will be presented with this prompt and your key will be download to
        your system. You will need it later. Click CLOSE.

        Untitled 10

      • Click Navigation menu -> APIs & Services -> Enabled APIs & services.

        Untitled 11
      • Click ENABLE APIS AND SERVICES.

        Untitled 12
      • Search for Admin SDK API & Select it.

        Untitled 13
        Untitled 14

      • Click ENABLE.

        Untitled 15

      • Go back to Google Admin Console and go to Security -> Access and data
        control -> API controls.

        Untitled 16

      • Scroll down and click MANAGE DOMAIN WIDE DELEGATION.

        Untitled 17
      Click Add new. For Client ID, open the file download in step 10. You can open it
      in Notepad. Copy the value against client_id, without the quotes (these should
      only be numeric ), and paste it here.
      Enter the following OAuth scopes:
      • 1. https://www.googleapis.com/auth/admin.directory.user.readonly
      • 2. https://www.googleapis.com/auth/admin.directory.orgunit.readonly

      Click AUTHORIZE.


      Untitled 18

      You should see the new entry.

      • Now go back to the PackageX Receive Portal. You need to upload the file
        downloaded in step 10 and fill in some additional information.
      • Enter the email address of an Admin User of Google Workspace Admin. You
        can find this information in the Admin Console as Account -> Admin Roles.
        Hover over Super Admin and click View admins.
      • The Organization Unit should be the value you setup in Step 11 of the SSO
        Integration guide. This will restrict users to only those members who are
        part of the organization unit.
      • To allow all users, put Organization Unit as /
        Click SaveUntitled (14)
      • If the information provided is correct, directory will be integrated and toggle will
        turn to on.
      • You may choose to remove directory integration at any time by
        toggling it off.
      • To turn it back on again, you will need to re-enter the information
        required. Removing SSO integration automatically removes the directory
        integration.