Identity Provider Integration

Google Workspace

Connect TigerIdentity to Google Workspace for directory sync, org structure mapping, and context-aware access based on Google Cloud Identity.

Book a DemoView Documentation

Key Features

Directory Sync

Sync users, groups, and organizational units from Google Workspace Directory.

Real-Time Updates

Subscribe to directory change notifications via Google Cloud Pub/Sub.

Admin Roles

Track Google Workspace admin role assignments and delegated privileges.

Org Structure

Map organizational units and reporting hierarchies into your identity graph.

Gmail Context

Optionally integrate Gmail activity and security signals for enhanced context.

OAuth Scopes

Monitor and control OAuth application grants and third-party access.

How It Works

1

Create Service Account

Set up a Google Cloud service account with domain-wide delegation for Directory API access.

2

Sync Directory

TigerIdentity performs an initial sync of users, groups, and organizational structure.

3

Subscribe to Changes

Enable directory change notifications via Cloud Pub/Sub for real-time updates.

4

Enforce Policies

Use Google Workspace identity data in your access policies and provisioning workflows.

Configuration Example

connector:
  type: google-workspace
  name: "google-workspace-production"

  config:
    customer_id: "${GOOGLE_CUSTOMER_ID}"
    service_account_key: "${GOOGLE_SERVICE_ACCOUNT_JSON}"
    admin_email: "admin@company.com"

  sync:
    users: true
    groups: true
    organizational_units: true
    chrome_devices: true

  events:
    - user.create
    - user.delete
    - user.change
    - group.create
    - group.member.add
    - group.member.remove

  mapping:
    user_attributes:
      - google: primaryEmail
        tiger: email
      - google: orgUnitPath
        tiger: department
      - google: manager
        tiger: reports_to

Use Cases

Google Cloud Identity

Use Google Workspace as the identity source for GCP resources and Cloud Identity.

Organizational Units

Enforce access policies based on Google Workspace organizational structure.

Chrome Device Context

Factor in Chrome device trust status when making access decisions.

Third-Party App Control

Monitor and revoke OAuth grants to third-party applications based on risk.

Ready to connect Google Workspace?

See how TigerIdentity integrates with your Google environment in a personalized demo.

Schedule Your Demo