The Google Workspace connector enables organisations to automatically synchronise Blink user profiles from their Google Workspace. Once set up, the connector reads user profiles from Google Workspace and maps them into Blink, deactivating any Blink users who are no longer present in Google Workspace. This guide is for administrators who manage identity and directory data in Google Workspace and want Blink to reflect that data automatically.
Configuration steps
Step 1: Create a Google Cloud service account
Every Google Workspace organisation has a Google Cloud project created automatically. You can use this existing project rather than creating a new one.
Open the Google Cloud Console and sign in with your Google Workspace admin account.
In the project selector at the top of the page, look for a project already associated with your organisation. It is often named after your domain or labelled as your organisation's default project. Select it.
If no existing project is available, select New Project, give it a name, and select Create.
Go to IAM and Admin, then select Service Accounts.
Select Create Service Account and give it a descriptive name (for example,
blink-user-sync).Complete the creation wizard. You do not need to assign any project-level IAM roles.
Step 2: Generate a service account key
On the Service Accounts list, select the service account you just created.
Go to the Keys tab and select Add Key, then Create new key.
Choose JSON as the key type and select Create. A
.jsonfile downloads automatically.Store this file securely. You will provide this file to Blink team during setup.
Step 3: Enable domain-wide delegation
Still on the service account page, go to the Details tab.
Under Domain-wide delegation, select Enable Google Workspace Domain-wide Delegation.
Note the Client ID shown. You will need this in the next step.
Select Save.
Step 4: Authorise the service account in Google Workspace
Sign in to the Google Workspace Admin Console as a super administrator.
Go to Security, then Access and data control, then API controls.
Under Domain-wide delegation, select Manage Domain Wide Delegation.
Select Add new and enter:
Client ID: the client ID noted in Step 3.
Select Authorise.
Step 5: Identify your customer specifier
You need to tell Blink which Google Workspace organisation to sync. You can identify it using one of the following:
Customer ID: typically
your_company(which resolves to the authenticated admin's organisation) or a specific Google Workspace customer ID.Primary domain: the primary domain of your Google Workspace account (for example,
yourcompany.com).
Use whichever option your Blink implementation team recommends. Only one is needed.
Step 6: Provide credentials to Blink
Work with the Blink implementation or support team to complete setup in the User Sync Service. You will need to supply:
Field | Description |
Service account email | The email address of the service account created in Step 1. |
Service account private key | The private key from the JSON file downloaded in Step 2. |
Delegated admin email | The email address of a Google Workspace admin user the service account will act on behalf of. |
Customer specifier | Either your Google Workspace customer ID or primary domain (from Step 5). |
Once these details are provided, Blink will configure the connector and schedule syncs for your organisation.