search

Google Workspace Integration

PortSIP PBX integrates with Google Workspace to provide the following capabilities:

  • User synchronization from Google Workspace users

  • Single Sign-On (SSO), allowing users to sign in to the PortSIP PBX Web Portal and PortSIP ONE app using their Google Workspace account

  • Send email notifications through Google Workspace using OAuth authentication

Notice

Since Google has discontinued support for “Less secure apps”arrow-up-right for sending emails from third-party applications, you must configure Google Workspace integration with PortSIP PBX to allow the PBX to use Gmail for sending email notifications securely.

hashtag
Prerequisites

Before configuring Google Workspace integration, ensure the following requirements are met:

  • PortSIP PBX is running on a static public IP address

  • A configured web domain (FQDN) for the PBX with a valid SSL certificate

  • The PBX System Administrator or Tenant Administrator must have a Google account:

    • A Google Workspace account

  • You must enable 2FA with your Google account. Please see the screenshot below

Once these prerequisites are satisfied, you can proceed with configuring Google Workspace integration.

hashtag
User Sync

PortSIP PBX supports integration with Google Workspace at both the System Admin level and the Tenant level. The available features depend on where the integration is configured.

hashtag
Google Workspace Integration at the System Admin Level

When Google Workspace integration is configured at the System Admin level:

  • The PBX can use Gmail to send system email notifications (such as voicemail alerts, password reset emails, and system notifications).

  • The Gmail sending capability can be shared with tenants.

Important

When configured at the System Admin level, the integration provides email delivery only. User synchronization (syncing Google users into the PBX) is not available at this level.

hashtag
Google Workspace Integration at the Tenant Level

When Google Workspace integration is configured at the Tenant level:

In addition to using Gmail for email notifications, you can:

  • Synchronize Google Workspace users into the PBX.

  • Automatically create PBX extension users based on Google Workspace accounts.

  • SSO for PBX Web portal and PortSIP ONE app login

hashtag
Collect Authorized Redirect URI

  1. Sign in to the PortSIP PBX Web Portal.

  2. Navigate to Integrations > Google Workspace.

  3. Locate the Authorized Redirect URI.

  4. Copy the URI exactly as displayed and save it.

If you have deployed PortSIP SBC with the PBX, two Authorized Redirect URIs will be shown. Copy both URIs, as they must be added to the Google OAuth configuration.

Note: The redirect URI must match exactly in Google OAuth settings, or authentication will fail.

hashtag
Configure Settings in Google Cloud

Follow the steps below to configure Google integration for PortSIP PBX.

hashtag
Create a Project in Google Cloud

  1. Sign in to your Google account and open the Google Cloud Consolearrow-up-right.

  2. Click Create Project.

  1. Enter a Project Name.

  2. Click Create.

After the project is created, you can proceed with configuring OAuth credentials for PortSIP PBX.

hashtag
Enabling the Gmail API

To allow PortSIP PBX to send emails via Google Workspace, you must enable the Gmail API for the project.

  1. In the Google Cloud Console, open APIs & Services > Library.

  2. In the search bar, enter Gmail API.

  3. Click the Gmail API result.

  4. On the Gmail API page, click ENABLE.

hashtag
Enabling Admin SDK API and Google People API

To enable Google Workspace SSO and user sync, you need to enable the Admin SDK API and People API.

  1. In the Google Cloud Console, open APIs & Services > Library.

  2. In the search bar, enter Admin SDK API

  3. Click the Admin SDK API result.

  4. On the Admin SDK API page, click ENABLE.

  5. Repeat the steps for enabling the People API

hashtag
Configuring OAuth

After enabling the API permissions, navigate to the OAuth consent screen page.

  1. Click GET START

  1. On the next page, Google will prompt you to enter the App name and User support email (see the screenshot below).

  1. Click Next, then select the appropriate Audience for your application. For example, choose External.

  1. Click Next, then enter the required Contact Information email address.

  1. Click Next, review and agree to the User Data Policy, then click Create.

  1. If you selected External as the Audience in the previous step, you must click Publish App after the app is created (see the screenshot below).

  1. Click Confirm to publish the app.

  1. Navigate to APIs & Services → Credentials in the Google Cloud Console.

  1. Click + Create Credentials, then select OAuth client ID.

  1. Enter the required information as follows:

    • Application type: Select Web application.

    • Name: Enter a name (for example, PBX).

    • Authorized redirect URIs: Click + Add URI, then paste the Authorized Redirect URI collected earlier.

      • If PortSIP PBX provides two redirect URIs, make sure to add both.

    Click Create to generate the OAuth client.

  1. After the application is created, a confirmation screen will appear (see the screenshot below).

    Copy the Client ID and Client Secret, and store them securely. You will need these values when configuring Google Workspace integration in PortSIP PBX.

hashtag
Configure Settings in PortSIP PBX

After creating the OAuth client in Google Cloud, configure the integration in PortSIP PBX.

  1. Sign in to the PortSIP PBX Web Portal.

  2. Navigate to Integrations > Google Workspace.

  3. Paste the Client ID and Client Secret you copied earlier into the corresponding fields.

  1. Click the Complete the authorization hyperlink. You will be redirected to Google to complete the OAuth authorization process.

  1. Once the authorization process is completed successfully, the Google Workspace integration is fully configured.

You can now use OAuth authentication to send email notifications from PortSIP PBX through the Gmail service.

hashtag
Configuring SSO

To enable Single Sign-On (SSO), you must configure the Google Workspace integration at the tenant level.

hashtag
Configure User Synchronization

To synchronize users from Google Workspace to PortSIP PBX:

  1. Sign in to the PortSIP PBX Web Portal.

  2. Navigate to Integrations → Google Workspace.

  3. Click the User Sync tab.

Sync Mode

Select a Sync Mode:

  • Manual – Administrators manually trigger synchronization.

  • Automatic – The system synchronizes users automatically.

Important: After selecting the sync mode, it cannot be changed later. Choose carefully.

hashtag
Extension Number Assignment

Specify how extension numbers will be assigned to synchronized users:

  • You may define a starting extension number range.

  • If no range is specified, the system automatically assigns the first available extension numbers.

hashtag
User Photo Synchronization

You can enable synchronization of Google Workspace profile photos.

When enabled, user photos will be displayed as profile pictures in:

  • PortSIP desktop and mobile apps

  • The WebRTC client

hashtag
Enable SSO

After configuring User Synchronization, you can enable Single Sign-On (SSO).

  1. Sign in to the PortSIP PBX Web Portal.

  2. Navigate to Integrations > Google Workspace.

  3. Click the Sign In tab.

  4. Turn on Enable.

  5. Select how users will use SSO according to your requirements.

After Google Workspace integration is successfully completed, a Google icon will appear on the login pages of:

  • The PortSIP PBX Web Portal

  • The PortSIP ONE app

This indicates that SSO is enabled.

Users can click the Google icon to sign in using their Google Workspace credentials.

PreviousMicrosoft 365 IntegrationNext30 Office Hours and Holiday Schedule

Last updated