Google Workspace SSO configuration
      Back to home
      1. Knowledge Base
      2. ACCOUNT SETTINGS
      3. Google Workspace SSO configuration

      Google Workspace Directory Synchronization

       

      This article describes instructions that handle Step 2: Configuring the Directory sync for automatic user provisioning


      Requirements      :

      1. Activated and tested Google Workspace SSO in the Wizer Admin Panel. Google Workspace Directory Synchronization won’t work without it.

        Google Workspace SSO instructions

      2. You must be an Administrator in your Google Workspace account with the following permissions:
        • Users: Read
        • Groups: Read
        • Group Members: Read
        • Domains: Read
        • Organization units: Read

      Instructions for Google Workspace Synchronization Setup:

      1. Go to Wizer Admin Panel SSO settings

      2. Click the Google Workspace tab

      3. Under the Directory Sync tab click the Connect Google Workspace button

      4. The consent screen should be shown with the permissions you should grant. Make sure that all the checkboxes are checked and then click the Continue button

      5. You should be redirected back to the Wizer Admin panel. Click the Google Workspace panel, then select the Directory Sync tab. You should be shown that your Google account is connected. Verify the email which is under the Connected Account section, it should be your corporate Google Workspace account's email.

        Then click the Configure Synchronization button
      6. Selecting users to synchronize
        You have to select the same users and groups as for the Google Workspace SSO SAML application you configured earlier. If some subsets of your users are selected to be synchronized but aren’t assigned to the SSO SAML application, the users won't be able to log in, as only the SSO SAML application controls logging in with SSO.
        Please note, that the synchronization will create selected users in the Wizer side.
        The Department field in the users' profiles should be filled out on the GW side, so the departments will be created automatically and the users will be assigned to them on the Wizer side.

         

        Selecting domains

        Select the domains from which you would like to provision the users

        Selecting all users or groups

        After you’ve selected your preferred domains, you can choose to sync all the users from those domains or sync users only from a specific set of groups available in the selected domains.

        All Users option

        All the users from your Google Workspace Directory should appear in Wizer, except suspended/archived (disabled users)

        Be careful with the “All Users” option. It will synchronize ALL the users from your directory including service accounts.

        Only Selected Group option (recommended)

        Once the filtering option is selected, press the Save & Test button
      7. A synchronization test can take up to several minutes. The synchronization time depends on your Google Workspace Directory size
      8. When the test synchronization is finished, you should be shown the results. Make sure that the numbers are correct. Then click the Enable Synchronization button
        If you have training assigned to your users, the users will receive email notifications after you enable synchronization
      9. The actual synchronization can also take up to several minutes. The synchronization time depends on your directory size
      10. Once the synchronization is finished, the synchronization status should become "Active"
      11. Now, your Google Workspace users should be synchronized with Wizer. You can confirm it by visiting the All Users page 
      12. You always can initiate an on-demand synchronization by pressing the Synchronize Now button
      13. Automated synchronizations happen every 3-4 hours

      Frequently asked questions

      1. How do I notify users to start training?
        Users receive automated notification emails once they are synchronized and have training assigned to them.
      2. What happens if I manually delete/disable a user from Wizer, will the user be added/marked as active on the next synchronization?
        Yes, if the user is still in the scope of synchronization, the user will be added again or marked as active on the next synchronization.
      3. What happens if synchronized Google Workspace users are deleted from the Directory?
        The deleted Google Workspace users will be disabled in Wizer.
      4. What fields are synchronized with Wizer?
        • Email (note, that we don't support updating emails yet, email addresses are propagated only when users are added to Wizer)
        • Department
        • First Name
        • Last Name
        • If users are active - suspended or archived Google Workspace users become disabled in Wizer
      5. Why users are not assigned to the departments after synchronization? Why departments were not created on the Wizer side?
        Please verify on the Google Workspace side if the Department field is filled up for all users correctly. Then click "Synchronize Now" in the SSO Settings.
      6. Why are users disabled/deactivated with every synchronization when they are active in our Google Workspace?
        Please check if these users are included in these filters. Any user who is not part of the assigned domains or groups will be disabled during each sync cycle.
      7. I want to synchronize groups, is it possible?
        Currently, there is no group synchronization available. We are working on the feature of the synchronization of the Google Groups with the Wizer Groups/Wizer Departments. You can send us a request and we will let you know once it is implemented.
      8. I have just enabled synchronization, and it seems not working. 
        Please check all the settings and wait 3-4 hours until the synchronization process is complete. 

      Any questions? Please, contact our Support Team by emailing us at support@wizer-training.com.

      Best regards,

      wizer_logo_dark