Google Workspace identity integration with GenticFlow
Google Workspace OIDC sign-in for client portal and agent chat sessions
GenticFlow supports Google Workspace through Google OAuth/OIDC. Admins configure a Google Cloud OAuth web application, client ID, client secret, issuer URL, scopes, claim mapping, and organization assignments so users can authenticate through Google where the product uses OIDC sign-in.
What You Get
Google OIDC Authentication
- Google Workspace is a supported authentication provider type
- Issuer URL is accounts.google.com
- Authorization code with PKCE is used for OIDC sessions
- The Google flow requests offline access when building the authorization URL
OAuth App Configuration
- Uses a Google Cloud OAuth 2.0 web application
- Scopes default to openid, email, and profile
- Google People API can be enabled for profile information
- Email and name claims are configurable
Provider Assignment
- Organizations can be assigned to the Google provider
- Internal Google Workspace OAuth apps can restrict sign-in to the Workspace domain
- OIDC endpoints are auto-discovered from the issuer URL
- This Google Workspace page covers OIDC sign-in rather than Google directory sync
How It Works
Create a Google OAuth client
Create a Google Cloud web application and add the GenticFlow redirect URI.
Configure Google provider settings
Enter the client ID, client secret, issuer URL, scopes, and claim mapping.
Discover OIDC endpoints
GenticFlow discovers Google OIDC endpoints from https://accounts.google.com.
Assign organizations
Connect the Google provider to the organizations that should use it for supported OIDC sign-in flows.
Identity context for support workflows.
Google Workspace remains the identity provider or directory source. GenticFlow uses supported identity sync and OIDC sign-in flows to connect users, organizations, and sessions to the service desk workflow.
See It In Action