How to integrate G Suite with Hexnode

G Suite is a unified platform for business apps developed by Google, including productivity, cloud computing, and other collaborative apps and tools dedicated for work. Hexnode is a unified web-console devoted to configure, manage, and administer the work devices.

Hexnode’s integration with G Suite allows you to simplify device enrollment and user management operations of your MDM. The integration simplifies the enrollment of your Windows, Android, macOS, and iOS devices securely through G Suite authentication and the device enrollment in the Android Enterprise program. Moreover, this will sync the user and group inventory of your organization’s G Suite account to Hexnode, facilitating the automatic creation of user accounts.

Create Service Account

Your organization requires a service account with Google to integrate with G Suite. Hexnode uses this service account to push the configurations to the device.

1. Using the G Suite admin credential, log in to Google Developers Console.
2. Click on Create Project.
3. Create a New Project by providing the following details.
   • Project Name: Provide a suitable project name and a corresponding project ID will be generated.
4. From the Navigation Menu on the left pane, select APIs and Services > Credentials.
5. Click on Create Credentials and from the drop-down list that appears select Service account.
6. Select New service account and provide the following details.
   • Service account name: Provide a suitable name for the service account.
   • Service account ID: An account ID will be automatically generated. If required, you can edit it.
   • Service account description: Provide a suitable description for your service account.
   • Click on Create.
7. Role: From the drop-down list, select Service Accounts > Service Account Admin, and click Continue.
8. From Navigation menu > IAM & Admin > Service Accounts. Select your service account and click on Actions > Edit.
9. Select the checkbox Enable G Suite Domain-wide Delegation.
10. Click on Add Key > Create new key and choose the key type as JSON and click on Create.
11. A JSON key will be downloaded. This key is later uploaded on to Hexnode MDM server.
12. Click on Save.
13. Now, click on View Client ID.
14. Copy the Client ID.
15. From the Navigation menu select Dashboard and click on Enable APIs and Services.
16. In the search box that appears, type admin sdk and select the same from the search results.
17. Click on Enable to enable Admin SDK API.

Manage API Client Access for MDM

This process provides the MDM with a specific API access to apply configurations to the managed devices. Ensure to Enable API access in the Admin console.

1. Using your G Suite Admin credentials, log in to Google Admin Console and click on Security.
2. From API Controls, click on MANAGE DOMAIN WIDE DELEGATION under Domain wide delegation, and click on +Add new.
3. Authorize the API clients by providing the following details.
   • Client ID: Paste the Client ID copied from Google Developer Console.
   • OAuth scopes: Copy and paste the link https://www.googleapis.com/auth/admin.directory.user – To sync individual users.
   • https://www.googleapis.com/auth/admin.directory.group – To sync user groups.
   • Click on Authorize.
     
     Note:

     To sync user groups from your G Suite account to Hexnode console, you need to provide both the URLs separated by comma.

Integration of G Suite with Hexnode Server

1. Login to your Hexnode portal.
2. Navigate to Admin > G Suite.
3. You will have the following options to be configured.
   • G Suite Admin Email: Enter the G Suite admin email address of the domain that you want to synchronize with Hexnode.
   • Domain Name: Provide the domain name of the G Suite account where the users you want sync with Hexnode resides.
   • G Suite key: Upload the JSON key previously downloaded.
4. Click on Save to configure G Suite.