14 DAY FREE TRIAL

No Search Results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Hexnode Integrations
  3. G Suite

Category filter

How to integrate Google Workspace (G Suite) with Hexnode

Google Workspace (G Suite) is a unified platform for business apps developed by Google, including productivity, cloud computing, and other collaborative apps and tools dedicated for work. Hexnode is a unified web-console devoted to configure, manage, and administer the work devices.

Hexnode’s integration with G Suite allows you to simplify device enrollment and user management operations of your MDM. The integration simplifies the enrollment of your Windows, Android, macOS, and iOS devices securely through G Suite authentication and the device enrollment in the Android Enterprise program. Moreover, this will sync the user and group inventory of your organization’s G Suite account to Hexnode, facilitating the automatic creation of user accounts.

Notes:

  • Your Organization should have a G Suite Account.
  • This feature is available in Enterprise, Ultimate and Ultra subscription plans.

Jump To

Create Service Account

Your organization requires a service account with Google to integrate with G Suite. Hexnode uses this service account to push the configurations to the device.

  1. Using the G Suite admin credential, log in to Google Cloud Console.
  2. Click on Create Project.
  3. Create a New Project by providing the following details.
    • Project Name: Provide a suitable project name and a corresponding project ID will be generated.
  4. From the Navigation Menu on the left pane, select APIs and Services > Credentials.
  5. Click on Create Credentials and from the drop-down list that appears select Service account.
  6. Select New service account and provide the following details.
    • Service account name: Provide a suitable name for the service account.
    • Service account ID: An account ID will be automatically generated. If required, you can edit it.
    • Service account description: Provide a suitable description for your service account.
    • Click on Create and Continue.
  7. Optional: Grant the service account access to the project created above. Select a role from the drop-down list. Click on Select a role. Choose Service Accounts > Service Account Admin, and click Continue.
  8. Click Done.
  9. Click on the email address corresponding to the newly created service account.
  10. Select the Advanced settings dropdown and copy the generated Client ID.
  11. At the top, navigate to Keys. Click on Add Key > Create new key and choose the key type as JSON and click on Create.
  12. A JSON key will be downloaded. This key is later uploaded on to Hexnode MDM server.
  13. Go back to APIs & Services interface from the Navigation menu. Select Enabled APIs & Services and click on +ENABLE APIS AND SERVICES.
  14. In the search box that appears, type Admin SDK API and select the same from the search results.
  15. Click on Enable to enable Admin SDK API.

Manage API Client Access for MDM

This process provides the MDM with a specific API access to apply configurations to the managed devices. Ensure to Enable API access in the Admin console.

  1. Using your G Suite Admin credentials, log in to Google Admin Console and click on Security.
  2. From API Controls, click on MANAGE DOMAIN WIDE DELEGATION under Domain wide delegation, and click on +Add new.
  3. Authorize the API clients by providing the following details.
    • Client ID: Copy the unique ID from the downloaded JSON file or from the Google Cloud console.
    • OAuth scopes: Copy and paste the link https://www.googleapis.com/auth/admin.directory.user – To sync individual users.
    • https://www.googleapis.com/auth/admin.directory.group – To sync user groups.
    • https://www.googleapis.com/auth/admin.directory.domain – To fetch the domain.
    • Click on AUTHORIZE.

Note:

  • To sync users, user groups and domains from your G Suite account to the Hexnode console, you need to provide the OAuth scopes separated by a comma.
  • The directory domain scope
    https://www.googleapis.com/auth/admin.directory.domain is mandatory. If this scope is not entered, the domain sync will fail and an error message “G Suite domain names could not be retrieved.” will be displayed in the portal.

Integration of G Suite with Hexnode Server

  1. Login to your Hexnode portal.
  2. Navigate to Admin > G Suite.
  3. You will have the following options to be configured.
    • G Suite Admin Email: Enter the G Suite admin email address of the domain that you want to synchronize with Hexnode.
    • G Suite key: Upload the JSON key previously downloaded.
  4. Click on Next to configure G Suite.
  5. Now, 2 new options will be displayed:
    • Sync across all domains: Checking this option will sync all the users and/or user groups across all domains. When new domains are created in G Suite, they will be automatically synced during the next sync.
    • Choose Domain(s): Only the users and/or user groups present in the selected domains will be synced with Hexnode UEM.
  6. With the Scheduled Scan feature, you can set a specific time on a certain day(s) when the G Suite sync is to be initiated. Either choose Daily or Weekly options from the Time settings.
    • If Daily is chosen, enter the time in 24-hour format in the fields corresponding to the Initiate sync at option. It will initiate the G Suite sync at the specified time every day.
    • If the Weekly option is selected, an additional option to select days will be displayed below the Initiate sync at option. It will initiate the G Suite sync at the specified time on the specified days.
  7. Click on the Save button to save the configuration.

Note:

  • If the number of users in a domain is large, it might take a few minutes to sync them to the Hexnode portal.
  • Click on the Refresh Domains button if a newly added domain is not displayed on the portal.
  • The maximum number of devices “enrolled in the Android Enterprise program via Google domain” that can be assigned to a single G Suite user is ten. Even if you change the owner of one such device, the total number of Android Enterprise devices enrolled via the Google domain that can be assigned to that user remains the same.

    For example: Suppose a G Suite user is assigned 1 Android Enterprise device enrolled via Google domain integration. Even if you change the owner of this device, the total number of Android Enterprise devices (enrolled via the Google domain) that can be enrolled to the G Suite user will still be nine.

Need more help?
Raise a Ticket Raise a Ticket
Ask Community Ask Community
Chat With us Chat With us
  • Hexnode Integrations