Sync with Google

This document describes how to set up Foxpass to sync your directory with Google Workspace. Note: this will only sync directory information. To use Google passwords with your Foxpass account, check out Google / Foxpass password delegation and Google LDAP / Foxpass password delegation.

Authorize your Foxpass account with Google

Go to the Foxpass 'Sync' page. Click on the dropdown next to 'Select synchronization provider' and select 'Google'.

Sync Users

For User sync option, choose 'Yes' from one of the dropdown menu, then click the "Authorize Account" button.

Google will then ask for offline access to your data, which Foxpass needs to access the directory data. Click "Allow" to be redirected to Foxpass.

We recommend adding a second set of credentials as a backup in case the first set fails. Failure of the first set of credentials happens when the administrator who authorized the sync leaves the company and has their Google account disabled. You can approve another set of credentials by having another administrator log into Foxpass and click the "Authorize Account for Sync" button.

If you see a green checkmark with a message 'Your account passes user synchronization validation.' at the top of the page, your credentials are good to go.

Click on 'Sync now' button. You will see a message saying ' Sync initiated successfully'.

Click Ok and you can see the status of your sync in the table as shown in the picture below:

Now, you can see synced users on the Users page.

Sync Groups

Select 'Yes' from the dropdown for 'Group Sync' option, authorize account for group sync and then click 'Sync Now' button. The Google groups will be synced to Foxpass and can be seen on the Groups page.

Optional: Enable Group Sync Allowed list

If you have group sync enabled, you can allowed groups that get imported during sync. This is useful for organizations that only want to import a subset of their groups used in Foxpass. Once group sync is enabled, you'll see a field to add any group prefixes allowed to be synced. During the group sync process, any groups that do not begin with that prefix are not synced with Foxpass.

Optional: Enable Allowed Users list via Group Membership

If you have group sync enabled, you can add an allowed users list from specific groups. This is useful for organizations that only want a subset of their directory to have access to Foxpass. Once group sync is enabled, you'll see a field to mark any groups allowed to be synced. During the group sync process, any users that are not a member of one of those groups are automatically marked as "inactive."

Optional: Enable Non Allowed Users list via Group Membership

If you have group sync enabled, you can have a list of non-allowed users that belong to specific groups. This is useful for organizations that have a large number of machine or role accounts that don't need access to Foxpass. Once group sync is enabled, you'll see a field to mark any groups to be ignored from syncing. During the group sync process, any users that are a member of one of those groups are automatically marked as "inactive."

Optional: Configure subdomains

Foxpass allows you to configure subdomains from Google. Click on 'Yes' option for 'Subdomain Sync' and authorize the account for domain sync.

Choose 'Yes' for 'Include all subdomains' option if you want to include all domains in the wildcard format *.foxpassqa.com. For example: contractors.foxpassqa.com or corporate.foxpassqa.com. Click on 'Refresh Domain List' if needed.

Password sync

The "Password Sync: Automatically push new passwords to Google" option ensures that any changes to user passwords in your organization's directory are automatically synchronized with Google Workspace. This feature keeps user credentials consistent across both systems, enhancing security and simplifying password management. Click 'Yes' for Password Sync and authorize the account to enable password sync.