Guide Index
Guides HomeMangoApps WebsiteCommunity & SupportBlog & Resources
MangoApps Integrations Guide
MangoApps Integrations Guide
  • 🥭Integrations
  • 🌐Analytics
    • Google Analytics
    • Integration with Tableau
  • 🌐Digital Signage
    • Digital Signage Integrations
    • Integration with Appspace
    • Integration with Monitors AnyWhere
    • Integration with Rise Vision
    • Integration with ScreenCloud
    • Integration with Yodeck
  • 🌐Events
    • Event Integration with Zoom
  • 🌐File Storage and Sharing
    • Integration with Adobe Experience Manager (AEM)
    • Integration with Box
      • Box as the File Storage
      • Box as External Document Repository
    • Integration with Dropbox
    • Integration with Google Drive
    • Integration with NetSuite
    • Integration with SharePoint
      • SharePoint Files and Federated Search
      • SharePoint Widget
  • 🌐HRIS Partner Integrations
    • 🆕HRIS Partner Integrations
    • Paylocity Integration
  • 🌐Single Sign-On
    • Single Sign-On Integrations
    • General Protocol Setups
      • Active Directory/LDAP
      • OAuth2.0
        • OAuth2.0 with Open ID Connect
      • SAML
    • SSO Integrations by Provider
      • SSO Integrations for ADP Workforce Now
        • Integration with ADP Workforce Now
      • SSO Integrations for Google Workspace
        • Google Cloud Identity
        • Integration with Google Enterprise using OAUTH 2.0
      • SSO Integrations for Microsoft
        • SCIM Setup for Microsoft Entra ID
        • Integrating Office 365 SSO Using OAuth2.0
        • Active Directory Federation Services
      • SSO Integrations for Okta
        • SCIM Setup for Okta
        • OAuth2.0 Setup for OKTA Using OpenIDConnect
      • SSO Integrations for OneLogin
        • SCIM Setup for OneLogin
      • SSO Integrations for UKG
      • SSO Integrations for Workday
  • 🌐Shifts & Schedules
    • Integration with Kronos
    • 🆕Integration with PDI Workforce
  • 🌐Widgets
    • Integration with MS Stream
    • Integration with Tagbox
  • 🌐Workspace
    • Integration with AirBrake
    • Integration with Freshdesk
    • Integration with GitHub
    • Integration with Huddle
    • Integration with JIRA
    • Integration with Microsoft Clarity
    • Integration into Microsoft Teams
    • Integration with OC Tanner
    • Integration with Pingdom
    • Integration with Power BI
    • Integration with Salesforce
    • Integration with Slack
      • Integration with Slack for Channel Notifications
    • Integration with Workday
    • Integration with Zendesk
  • 🌐ADDITIONAL RESOURCES
    • Submit a Support Ticket
    • Release Notes
Powered by GitBook
On this page
  • Overview
  • Required Roles
  • Google Admin Console Configuration Side Setup
  • MangoApps Side Setup
  • Testing Considerations
  • Security Considerations
  • End User Experience
  • Rollout Recommendations
  1. Single Sign-On
  2. SSO Integrations by Provider
  3. SSO Integrations for Google Workspace

Google Cloud Identity

PreviousSSO Integrations for Google WorkspaceNextIntegration with Google Enterprise using OAUTH 2.0

Last updated 5 days ago

Overview

MangoApps supports integration with Google Cloud Identity as an SSO provider using LDAP. This integration allows user and group synchronization between Google Cloud Identity and MangoApps, eliminating the need for complex on-premise Active Directory setups.

This configuration saves IT overhead and enhances user management efficiency for enterprises already leveraging Google’s cloud infrastructure.


Required Roles

To set up and manage this integration, the following roles are required:

  • Google Cloud Identity Admin: Responsible for configuring the LDAP client within the Google Admin Console.

  • MangoApps Network Admin: Required to access the MangoApps Admin Portal to complete the LDAP connection setup and sync configuration.

Ensure that both roles have the necessary access permissions in their respective platforms before proceeding.


Google Admin Console Configuration Side Setup

Navigate to Apps > LDAP > Add Client.

Provide a Client Name and Description.

Set Access Permissions

  • Verify User's Credentials: Select Entire Domain.

  • Read User's Information: Select Entire Domain.

  • Attributes Access: Choose System attributes, Public Custom, and Private Custom.

  • Enable Group Access: Toggle on the Read Group Information setting.

Finally, click the Add LDAP Client button.

Download Certificate

  • Download the automatically generated certificate.

  • Click Continue to Client Details.

Generate Credentials

Go to Apps > LDAP > Settings > Authentication and generate new credentials for authentication.

Enable Service

Go to the Status Service, select ON for everyone, and click Save.


MangoApps Side Setup

Log in to the MangoApps Admin Portal and navigate to Admin Portal > SSO > Connection > Active Directory/LDAP. Toggle on Active Directory LDAP Integration.

Configure server settings as follows:

  • Server Type: Select Google LDAP from the dropdown.

  • Host & Port: Enter the values provided by your LDAP configuration.

  • Group DN & Base DN: Enter the names required.

  • Certificate: Upload the certificate downloaded from the Google Admin Console.

  • Login Details: Enter the username and password generated earlier.

Click Test Connection to verify.


Configure User Mapping

Set up user attribute mappings to sync profile data.

Choose between Scheduled Sync or Just-In-Time (JIT) Sync and use User Object Filters to define which users should be synced.


Configure Group Mapping

Enable Group Sync by checking the box anad use Group Object Filters to specify which groups to sync.

Map group attributes and apply Group Membership Rules to automate user assignment.

Click Save Settings.

Use the Preview & Synchronize option to view a list of users and groups that meet your filters.


Testing Considerations

Before a full rollout:

  • Use Preview & Synchronize to verify user and group data being pulled from Google Cloud Identity.

  • Test login behavior with a subset of users to confirm credentials and group-based access policies.

  • Confirm that changes in user profiles or group memberships in Google are reflected in MangoApps through sync.


Security Considerations

  • Data Security: All communication between MangoApps and Google LDAP is secured via SSL using the downloaded certificate.

  • Access Control: Use filters to limit synchronization to only necessary users and groups.

  • Credential Handling: Use system-generated credentials from the Google Admin Console to ensure secure authentication.

  • Audit Logs: Monitor LDAP sync activities through MangoApps admin logs for transparency.


End User Experience

For end users, this integration provides:

  • Single Sign-On (SSO): Users log in to MangoApps using their Google Cloud Identity credentials.

  • Seamless Access: Automatically gain access to appropriate teams and projects based on group memberships.

  • Up-to-Date Profiles: Profile information like job title, department, and contact details remain consistent across platforms.

No additional configuration is needed on the user's end.


Rollout Recommendations

To ensure a smooth transition:

  • Begin with a small user group to validate the integration.

  • Provide internal guides to explain the new login process.

  • Have IT support available during rollout to address any access issues.

  • Roll out to departments or regions in phases if your organization is large.

Log in to Google Admin Console from here: . Log in using a Google Cloud Identity Admin account.

🌐
admin.google.com