Integrating SailPoint with G Suite
Revised Date: 26 April, 2022
Google Workspace is the new name for G Suite.
You must purchase Cloud Access Management to access and use this connector to govern your cloud environments. Contact your SailPoint CSM to request access.
The SailPoint G Suite
The
SailPoint G Suite
G Suite
SailPoint G Suite

-
The G Suite source now supports managing the following Google Cloud objects:
-
Google Account (G Suite Identities + managed Cloud Identities only)
-
Service account
-
Domain (G Suite OR Cloud Identity domain)
-
Google group
-
-
The G Suite source also supports the following authentication and authorization methods:
-
Client Credentials (OAuth 2.0 for Web Server Applications)
-
Service Account (OAuth 2.0 for Server to Server Applications)
-
-
The G Suite source now supports multiple group objects. Entitlement aggregation is supported for the following:
-
Groups
-
Roles
-
IAM Role
-
Project
-
Folder
-
Resource Permission
-
-
The G Suite Groups are both account type and entitlement in GCP support. GCP entitlement resource permission can be assigned to G Suite Groups. For more information, see Supported Features.
-
The G Suite source now supports provisioning an account with locations attribute. The locations attribute defines a list of the user's locations and it is a multi-valued complex attribute. The locations attribute can have values such as {"area": "Mountain View", "buildingId": "D1", "deskCode": "Desk1", "floorName":"First Floor", "floorSection":"B", “type”:”desk”}
-
For the G Suite source now the delta aggregation is not applicable for the attributes (for example, isEnrolledIn2Sv) that correspond to the USER_ENROLLED_IN_TWO_STEP_VERIFICATION event because these are not fetched by the managed system's G Suite API.
-
The G Suite (Google Workspace) source now supports filtering of user records during the full and delta account aggregation. See the Advanced Settings section for details.
-
The G Suite (Google Workspace) source now supports HTTP and HTTPS proxy configurations.