Opal + Google Groups
Product Overview
Google Groups enables businesses to send an email to everyone in a group with one address, invite a group to an event, or share documents with a group.
Integration Overview
Opal natively integrates with Google Groups and inherits its structure and membership. This allows users to easily invite members to Opal and grant granular permissions based on existing groups, using your identity provider as the source of truth. With Opal, it's possible to grant role-based access to relevant tools while leveraging a request workflow to grant privileged access.
Use Cases
Modern Access Management
Using Opal, customers can:
- Grant just-in-time access to critical resources that are auto-expiring and fully audited
- Enable resource owners with the most context to approve access requests and provision access automatically via Slack
- Ensure that privileged resources have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more
- Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
- Automatically escalate privileges (and revoke access) when developers are on-call via integrations with PagerDuty and Opsgenie

Integration Setup
Once Okta is set up as anĀ App, admins can easily use the same APIĀ credentials to import user attributes from Okta as the identity provider.
1. In the Apps sidebar, click on "New App", and select Google Groups

- Create an Opal group, a service account, and enable the admin SDK API. Afterwards, you can upload service account credentials

3. Once the Google Groups app is set up, admins can navigate to Settings and set up your Identity Provider to easily sync users and attributes. Note: Opal will re-use the same API token
