Sync with Google

This document describes how to set up Foxpass to sync your directory with Google Workspace. Note: this will only sync directory information. To use Google passwords with your Foxpass account, check out Google / Foxpass password delegation and Google LDAP / Foxpass password delegation.

Authorize your Foxpass account with Google

Go to the Foxpass 'Sync' page. Click on the dropdown next to 'Select synchronization provider' and select 'Google'.

Authorize Account for User Sync

Choose the sync scope - User or/or Group and/or Passwords and authorize account for sync.

📘

The "Password Sync: automatically push new passwords to Google" option ensures that any changes to user passwords in your organization's directory are automatically synchronized with Google Workspace.

Google will then ask for offline access to your data, which Foxpass needs to access the directory data. Click "Continue" to be redirected to Foxpass.

We recommend adding a second set of credentials as a backup in case the first set fails. Failure of the first set of credentials happens when the administrator who authorized the sync leaves the company and has their Google account disabled. You can approve another set of credentials by having another administrator log into Foxpass and click the "Authorize Account for Sync" button.

If you see a green checkmark with a message 'Your account passes user synchronization validation.' at the top of the page, your credentials are good to go.

Click on 'Sync now' button. You will see a message saying ' Sync initiated successfully'.

Click Ok and you can see the status of your sync in the table as shown in the picture below:

Now, you can see synced users on the Users page.

If you select Groups/ Password option later make sure to authorize again. The Google groups will be synced to Foxpass and can be seen on the Groups page.

Optional: Enable Group Sync Allowed list

If you have group sync enabled, you can allowed groups that get imported during sync. This is useful for organizations that only want to import a subset of their groups used in Foxpass. Once group sync is enabled, you'll see a field to add any group prefixes allowed to be synced. During the group sync process, any groups that do not begin with that prefix are not synced with Foxpass.

Optional: Enable Allowed Users list via Group Membership

If you have group sync enabled, you can add an allowed users list from specific groups. This is useful for organizations that only want a subset of their directory to have access to Foxpass. Once group sync is enabled, you'll see a field to mark any groups allowed to be synced. During the group sync process, any users that are not a member of one of those groups are automatically marked as "disabled"

Optional: Enable Non Allowed Users list via Group Membership

If you have group sync enabled, you can have a list of non-allowed users that belong to specific groups. This is useful for organizations that have a large number of machine or role accounts that don't need access to Foxpass. Once group sync is enabled, you'll see a field to mark any groups to be ignored from syncing. During the group sync process, any users that are a member of one of those groups are automatically marked as "disabled"

Optional: Sync all domains or Enable domain filtering

Foxpass allows you to either Sync all domains or Enable domain filtering. Just click on the toggle to enable/ disable the required setting.

If Domain filtering is on, click on 'Refresh Domains' if needed.

If desired, you can check sync logs on the Sync logs page.