Evo Security syncs with Google Workspace service.

Your users will be able to login using Evo, with their network credentials. The user will be required to enter a code based on multi-factor authentication (MFA) being enabled, and their credentials are authenticated by your network.

These instructions assume:

• Organization configured for Google Workspace.
• All users have been created under Google Workspace.
• All users have a unique email address, specific to their user.
• All users are a member of a group to be synced.

Google Workspace configuration

1. Go to https://console.cloud.google.com/
2. Create a new project under your domain.
3. Navigate to API & Services.
   
4. From the left-side navigation, click Library.
5. Search for the Admin SDK API.
   
6. Enable the Admin SDK API if it is not already enabled, and head back to dashboard.

Before we continue, we also need to create an OAuth Consent screen for the new Google Workspace Project.

1. While in the project, click OAuth Consent Screen.
   
2. Select Internal and Create.
3. Fill in the fields with your correct information. When you get to the Authorized domains portion, enter evosecurity.com.
   
4. Save and continue.
5. Next, we will set the following Scopes. Refer to Screenshot for the scope information that should be set. All of these are found within the same Add or Remove Scopes screen.
   
6. Once this is done, let's head back to the credentials and create a new OAuth 2.0 Client.
7. Click Create Credentials and create a new OAuth Client ID.
   
8. Select Web Application.
   
9. Name the app what you would like, then add the following Authorized JavaScript origins and Authorized redirect URIs:
   1. For Authorized JavaScript origins add:
      1. https://your-environment-url.evosecurity.com
   2. For Authorized redirect URIs add:
      1. https://your-environment-url.evosecurity.com
      2. https://your-environment-url.evosecurity.com/oauth2callback
10. Click Create.
    
11. Once that's done, you'll get your Client ID and Client Secret.
12. In another tab, login to your Evo Portal.
13. From the left nav menu, select My Company. Alternatively, select Customers and and choose a customer from the list.
14. Select Directories.
15. Select the Google Workspace tab.
16. Enter a directory name.
17. Download the JSON and you will copy/paste the content from that JSON into your Evo Security admin portal under the Paste JSON Client Secret.
    
18. Once entered, click "Get OAUTH Code" and you'll be redirected to sign into your Google Workspace account.
19. Sign in, accept the integrations, and you'll be given the OAuth Code.
20. Paste that into the OAuth and create your Google Workspace Directory!
    

Now that you’ve completed the configuration for Google Workspace, your users will be able to authenticate with Evo. 

If you’ve experienced any issues with the configuration, please contact us and we’re happy to help.