Dynamic creation of Dynamic Google Groups

Here at Patronum, we are proud to have such a vibrant and active community that challenges us with amazing feature requests, one such suggestion was posted recently within our Community Portal.

“IdP application pushes user profile attributes to Google Workspace, as part of automatic provisioning, or profile push updates etc. In Patronum, you define rules, not to simply create a dynamic group based on logic and a single attribute value. You instead, define rules to automatically create and maintain groups, based on the schema. 

Example: For a custom attribute called GeoCode, we could have the values of LATAM, EMEA, NORAM. All of our Google users would have this GeoCode field filled with one of those values. You define a rule in Patronum, to create groups based on GeoCode attribute. You can specify a prefix and suffix, and also a limiting filter such as “Include only: EMPLOYEETYPE (another custom attribute) = FULL’ or similar. The output, is a group automatically generated for each GeoCode, and the groups include only full time employees. Ex. EMEA-fte@domain.com; NORAM-fte@domain.com etc.

Then, create a ‘two-field’ group rule: set a prefix of ‘country’, and base these groups off of the values of the Country attribute, and the Department attribute. Now, you have groups such as: country-US-sales@domain.com; country-UK-sales@domain.com; etc. Therein lies the sheer power of the solution.

Therefore, a single rule defines all possible groups, and each day those groups are created, updated, or deleted. Or perhaps triggered by directory change. Or perhaps, triggered at custom interval set by customer. These custom attributes are already easily added to the Google user profile schema, and easily pushed via IdP’s such as Okta to Google. This enables more power still, because you can pull attributes from other apps such as Salesforce, into your IdP, and then to Google, where Patronum defines groups for Sales Verticals or other working groups.“

Well, thanks to that suggestion we’re delighted to say that Patronum now supports the dynamic creation of dynamic Google Groups.

Within a policy simply select GROUPS and then manually type the attribute you want the policy to use in order to create or update the Google Group. For example, enter {{department}} in order to automatically create Google groups based on an individual’s department etc. Custom schemas can also be entered in order to take advantage of custom attributes within the Google Directory.