Enable group sync from Google Workplace (experimental)

:warning: This is experimental. The feature may change without notice.

To get started, configure Google login according to these instructions:

Then, follow these steps:

  1. In the google dashboard for your OAuth integration, go to “APIs and Services”, and add "Admin SDK

  2. Go to admin.google.com, and visit the ‘security’ section. Open ‘API Controls’, “Manage Third Party App Access”.then “Add App” ,“OAuth App Name or Client ID”. Enter the client ID of your OAuth application, then select it from the list. Run through the steps, making sure to set the application as “Trusted”. It should then appear in the list:

  3. In your Discourse admin panel, configure the google oauth2 hd setting to your domain, and enable the google oauth2 hd groups setting.

Next time a user logs in, they will be asked to give Discourse permission to access group information. Discourse will store google group information behind-the-scenes.

To link a Google Group to a Discourse group, visit the group config in Discourse, and go to the ManageMembership section. Under ‘Automatic’, you’ll see a new dropdown which allows you to link any number of Google Groups to the Discourse group:

Changes to this setting should take effect instantly. Changes to group membership on Google will take effect on the user’s next login.

Big thanks to @angus for his work on this feature. We hope to expand this group syncing system to other login methods in the not-too-distant future.