Integration: Import users from Google
This integration allows you to import users from Google into ChiefOnboarding. There is currently a max set at 2500 users, but you can increase it by changing the amount_pages_to_fetch property.
Manifest
{
"oauth": {
"refresh": {
"url": "https://oauth2.googleapis.com/token",
"data": {
"client_id": "{{ CLIENT_ID }}",
"grant_type": "refresh_token",
"client_secret": "{{ CLIENT_SECRET }}",
"refresh_token": "{{ oauth.refresh_token }}"
},
"method": "POST"
},
"access_token": {
"url": "https://oauth2.googleapis.com/token?client_id={{CLIENT_ID}}&client_secret={{CLIENT_SECRET}}&grant_type=authorization_code&redirect_uri={{redirect_url}}",
"method": "POST"
},
"authenticate_url": "https://accounts.google.com/o/oauth2/v2/auth?client_id={{CLIENT_ID}}&redirect_uri={{redirect_url}}&response_type=code&scope=https://www.googleapis.com/auth/admin.directory.user.readonly&access_type=offline"
},
"action": "create",
"execute": [
{
"url": "https://admin.googleapis.com/admin/directory/v1/users?customer=my_customer&orderBy=email&maxResults=500",
"method": "GET",
"cast_data_to_json": true
}
],
"headers": {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer {{oauth.access_token}}"
},
"data_from": "users",
"next_page": "https://admin.googleapis.com/admin/directory/v1/users?customer=my_customer&pageToken={{ NEXT_PAGE_TOKEN }}&orderBy=email&maxResults=500",
"data_structure": {
"email": "primaryEmail",
"last_name": "name.familyName",
"first_name": "name.givenName"
},
"initial_data_form": [
{
"id": "CLIENT_ID",
"name": "The Google client id",
"description": "You can find it here: "
},
{
"id": "CLIENT_SECRET",
"name": "The Google client secret",
"description": "You can find it here: "
}
],
"next_page_token_from": "nextPageToken",
"amount_pages_to_fetch": 5
}
Creating login/consent page
- Go to https://console.cloud.google.com/apis/dashboard and make sure you are logged in as the admin of the Google organization.
- Create a new 'Project' and give it a fancy name. Once it's created make sure you are in that project (you can see that in the top bar).
- Click on "OAuth Consent Screen". You will be asked for what type of app you want to register. Choose 'Internal', only people from your organization should log in to your app. Click on 'Create'.
- Fill in the details accordingly. Under 'Authorized domains', fill in your own site url (the url of the ChiefOnboarding instance).
- On the next page, under scopes, add one and fill this link in the box at the bottom: https://www.googleapis.com/auth/admin.directory.user.readonly. Click on "add to table". It should be selected now as well. Click on "update".
- Click on 'Save and continue'. You will be taken back to the page you previously landed on.
Create credentials and add API access
- Go to https://console.cloud.google.com/apis/credentials
- Click on 'Create credentials' at the top of the page and choose Client-ID OAuth.
- You will be asked for the type of app. Pick 'Web application'.
- Under "Authorized JavaScript-sources" enter the domain name of where ChiefOnboarding is running on.
- Under "Authorized redirect-URLs" enter the callback url you got when adding the manifest in your ChiefOnboarding instance.
- Click on 'Create' and you will get the Client-ID and Client-secret that you need to fill in on your ChiefOnboarding instance.
- Submit the form on ChiefOnboarding and then click on "OAuth" to complete the authentication process.
Enable admin SDK
- Go to https://console.cloud.google.com/apis/library/admin.googleapis.com and enable the admin SDK.
You can now go to people -> colleagues and hit "import user from Google".
Comments
No comments yet.