# Google Cloud Identity (Old)

{% hint style="warning" %}
This article has been moved from its original location in the Admin Guide.
{% endhint %}

### Introduction <a href="#toc121919555" id="toc121919555"></a>

Companies who use Google as their cloud identity provider can now integrate MangoApps user sync and groups sync with their Google cloud identity account over LDAP. This integration of MangoApps with Google cloud identity LDAP service is simple to set up in comparison to the on-premise active directory that requires significant IT cost & effort.

### Add Google LDAP client in Google's admin console for your MangoApps account <a href="#toc121919556" id="toc121919556"></a>

1. Login into Google as an Admin (Admin.Google.com)
2. Go To **LDAP** and click **Add Client.**

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252FLQCy7n2FuQWC1aq1dIsa%252F0.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=3b72625d&#x26;sv=2" alt=""><figcaption></figcaption></figure>

Enter the LDAP Client name and description.

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252FE4jXXyfU5LlHexSXMOZO%252F1.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=c5885576&#x26;sv=2" alt=""><figcaption></figcaption></figure>

**Access Permission**

* Verify User's credentials: Select Entire Domain.
* Read User's Information: Select Entire Domain.
* Specify the attribute which client can access to read users information: System attributes, Public Custom, Private custom
* Enable the **Read Group Information** tab.
* Click **Add LDAP Client.**

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252Fl8AcqBkOAlR8DOtAHlMK%252F2.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=5e058092&#x26;sv=2" alt=""><figcaption></figcaption></figure>

Download the generated certificate to connect your client to LDAP Services and click **Continue to Client details.**

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252FGHbDdjmegsZyOjmUJha3%252F3.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=13701f3a&#x26;sv=2" alt=""><figcaption></figcaption></figure>

Go to **Apps>LDAP>Settings>Authentication,** to generate new credentials.

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252F9u4kbzCzr7TL8T0VlcSm%252F4.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=63fe7e02&#x26;sv=2" alt=""><figcaption></figcaption></figure>

Click on the **Status Service**, to change the status.

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252FTJx3AaPrDYFwzZ0QEJnw%252F5.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=ca1553bb&#x26;sv=2" alt=""><figcaption></figcaption></figure>

Select **ON** for everyone and click **Save.**

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252FHCfDMZQkOYtQJfEL8tzb%252F6.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=6db1b624&#x26;sv=2" alt=""><figcaption></figcaption></figure>

Google LDAP is added in Google's admin console for your MangoApps account.

***

### Add Google Cloud Server in the MangoApps admin portal. <a href="#toc121919557" id="toc121919557"></a>

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252FZbfOqHZQjK6ZixzqtaJf%252F7.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=6a16ffba&#x26;sv=2" alt=""><figcaption></figcaption></figure>

Go to MangoApps Admin Portal, click **SSO>CONNECTION>Active Directory/LDAP.**

Enable the Active Directory LDAP Integration.

**Server 1:**

1. Select the server type as Google LADP from the drop-down.
2. Enter the Host and Port Name.
3. Enter the Group and Base DN.
4. Upload the Google digital certificated downloaded from the Google LDAP configuration.
5. Enter the Login details and click **Test Connection.**

**User Mapping:**

* You can set up the user mappings for automatic sync of user profile data from Google cloud identity.
* User custom fields can be mapped and will be kept in sync in MangoApps (when it changes in Google cloud identity).
* Both scheduled sync and just-in-time (JIT) sync of users from Google cloud identity is supported.
* Using user object filter, admins can control which users from Google cloud identity are synced into MangoApps.

Refer to [Active Directory/Ldap](https://guides.mangoapps.com/mangoapps-guides/v/admin-guide/sso/connections/active-directory-ldap) for more information.

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252Fc5vv97Ysw6gfW5MH0IvP%252F8.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=f2b87da4&#x26;sv=2" alt=""><figcaption></figcaption></figure>

**Group Mapping:**

Group Mapping enables the Network admin to automate the task of Group creation and user assignment in MangoApps.

* Enable Group Sync to:
  * Read group information settings in the Google admin console for MangoApps LDAP client (Part 1 of configuration mentioned above).
  * Enable group sync settings in MangoApps.
* Group custom fields can be mapped and will be kept in sync in MangoApps (when it changes in Google cloud identity).
* Using group object filter, admins can control which groups from Google cloud identity are synced into MangoApps.
* Group membership rule settings help admins control the policy to use to keep the group membership in sync with Google cloud identity.

Refer to [Active Directory/Ldap](https://guides.mangoapps.com/mangoapps-guides/v/admin-guide/sso/connections/active-directory-ldap) for more information.

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252FtfRTlhszQxrgCIwK3cVd%252F9.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=56c86cb2&#x26;sv=2" alt=""><figcaption></figcaption></figure>

Click **Save Settings.**

Saving the settings will present a button to **‘Preview & Synchronize’.** This action would provide an Admin list of users & groups that satisfy the configured user & group object filters.

<figure><img src="https://guides.mangoapps.com/~gitbook/image?url=https%3A%2F%2F1733114811-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-Lclpq021Ai9jH1_X4gO%252Fuploads%252FTob3MIUOtxDfbigtkHW7%252F10.png%3Falt%3Dmedia&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=3e76f2a6&#x26;sv=2" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://guides.mangoapps.com/integrations-guide/single-sign-on/sso-integrations-by-provider/sso-integrations-for-google-workspace/google-cloud-identity-old.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.