Overview

With Single Sign-On implementation, it is important that the SSO application on the IdP side provides the SSO Token during each user authentication. With Google as IdP, the SSO Token applies to each user. To automate this process, Druva has created a utility that helps integrate Druva inSync with Google Workspace SSO.

This utility helps integrate Druva inSync with Google Workspace SSO. It is a command-line utility labeled inSync-Google-integration.exe, and you must run it from the Windows command prompt. It uses Google administrator API to insert inSync-specific schema in Google Workspace users.

This utility runs for those users who do not have inSync-specific schema and are not Google administrators by default. You can obtain the utility from the download section below.

The prerequisites from Google that permit Admin API access are as follows:

Detailed steps for making sure that the above prerequisites are satisfied are available in the following KB articles by Google :

Sample usage

<usage: inSync-Google-integration.exe: use -h for help>

Options:

--version show program's version number and exit
​-h, --help show this help message and exit
​--googleadmin=ADMIN Email of Google Apps Administrator
​--keypath=PATH Path to Service Account's json keyfile
​--token=SSOTOKEN SSO token from inSync Web UI
​--all Run for All Users
​
​inSync-Google-integration.exe --keypath=DruvaSSO-45345345345.json --token="89-d88a95777e3b8fae07e619af503d7109323f7353041e620fddf4fb6e20751a08" --googleadmin=""

To enforce the schema update for all users including Admins use '--all' option.

The utility logs are saved in a local directory (Google_SSO_<date>.log) from where the utility script is running. Please contact Druva Support for further details or help with the above steps.

See How to configure SSO for Druve inSync Cloud using Google as IdP for manual steps.