Sync with Google

This document describes how to set up Foxpass to sync your directory with Google Workspace. Note: this will only sync directory information. To use Google passwords with your Foxpass account, check out Google / Foxpass password delegation and Google LDAP / Foxpass password delegation.

Authorize your Foxpass account with Google

Go to the Foxpass 'Sync' page. Click on the "Google" tab. Choose 'Yes' from one of the dropdown menus, then click the "Authorize Account" button. Google will then ask for offline access to your data, which Foxpass needs to access the directory data. Click "Accept" to be redirected to Foxpass. If you see a green checkmark at the top of the page, your credentials are good to go.

We recommend adding a second set of credentials as a backup in case the first set fails. Failure of the first set of credentials happens when the administrator who authorized the sync leaves the company and has their Google account disabled. You can approve another set of credentials by having another administrator log into Foxpass and click the "Authorize Account for Sync" button.

Optional: Enable Group Sync Allowed list

If you have group sync enabled, you can have an allowed list of groups, which get imported during sync. This is useful for organizations that only want to import a subset of their groups used in Foxpass. Once group sync is enabled, you'll see a field to add any group prefixes for adding to the allowed list. During the group sync process, any groups that do not begin with that prefix are not synced with Foxpass.

Optional: Enable Allowed User list via Group Membership

If you have group sync enabled, you can add allowed users that belong to specific groups. Group sync is helpful for organizations that only want a subset of their directory to have access to Foxpass. Once group sync is enabled, you'll see a field to mark any groups which are allowed. During the group sync process, any users that are not a member of one of those groups are automatically marked as "inactive."

Optional: Enable Non Allowed User list via Group Membership

If you have group sync enabled, you can have a list of non-allowed users that belong to specific groups. This is useful for organizations that have a large number of machine or role accounts that don't need access to Foxpass. Once group sync is enabled, you'll see a field to mark any groups to be ignored from syncing. During the group sync process, any users that are a member of one of those groups are automatically marked as "inactive."