Integrate the G Suite Identity Service
The G Suite identity service feature is an enhancement to the Cisco Umbrella Chromebook and SWG Umbrella Chromebook clients. The G Suite identity service adds the G Suite Organizational Units (OUs) and G Suite Users to the Umbrella policy. For more information, see G Suite Identity Service.
Table of Contents
Known Limitations
- G Suite identities-based policy and enforcement is supported only on Chromebooks with Umbrella Chromebook client or SWG Umbrella Chromebook client software.
- Google OU and User information updates can take up to 60 mins to appear in the Cisco Umbrella dashboard.
- New Umbrella Chromebook client or SWG Umbrella Chromebook client customers onboarding with the G Suite identity service for more than 250K identities must create a support case at [email protected]. A support case is not required for existing G Suite users.
- G Suite Groups are not supported for import to Umbrella. Only G Suite Users and OUs can be imported.
Prerequisites
- The G Suite administrator account must have full administrative privileges on the Umbrella dashboard.
Procedure
Enabling the G Suite identity service for the Umbrella Chromebook and SWG Umbrella Chromebook clients requires the following steps:
- Step 1: Update the Umbrella Chromebook or SWG Umbrella Chromebook Configuration
- Step 2: Install the Cisco Umbrella Authorizer App
- Step 3: Enter Your G Suite Super Administrator ID in the Umbrella Dashboard
Step 1: Update the Umbrella Chromebook or SWG Umbrella Chromebook Configuration
- In the Umbrella Chromebook or SWG Umbrella Chromebook config file that you downloaded, set the Value field in googleDirectoryService to
true
. Save the config file.
{
"organizationInfo":{
"Value":{
"organizationId":1234567,
"regToken":"GtTYPQfgSzQtGzYUrINmbjgTu5XriDtn"
}
},
"vaIPs":{
"Value":[
"192.168.100.10",
"192.168.100.11"
]
},
"googleDirectoryService": {
"Value": true
}
}
Step 2: Install the Cisco Umbrella Authorizer App
The Cisco Umbrella Authorizer application authorizes the scopes needed by Umbrella to retrieve information from your G Suite account.
- Open your G Suite administration console, using the G Suite super administrator ID.
- Navigate to the Umbrella Authorizer app in the Google Workspace Marketplace.

- Click Domain Install and in the dialog that appears, click Accept.

You can review detailed information about the scopes required by the Cisco Umbrella Authorizer app.

Step 3: Enter Your G Suite Super Administrator ID in the Umbrella Dashboard
- Navigate to Deployments > Core Identities > Chromebook Users and click Download.

- Click Sign In and in the dialog that appears, select the super administrator account.

- Sign in to sync your G Suite identities with Umbrella. A sync can take up to 60 minutes.
After the sync, the Umbrella Policies page displays the G Suite identities: G Suite OUs and G Suite Users.
Add a Chromebook Specific Web Policy Ruleset < Integrate the G Suite Identity Service > SWG Umbrella Chromebook Client Protection Status
Updated about 1 month ago