Integrating with Google Apps for Education

The Process in a Nutshell

Here's a summary of what you'll need to do to get your instance of Populi integrated with your Google Apps for Education account using Single Sign-On. If you like checklists, you can download a PDF of this section.
  1. Create a Google Apps Super Administrator Account for Populi (e.g.
  2. Set up an SPF record to allow Populi to send email on behalf of your .edu domain.
  3. Confirm that all Google Apps users have matching Populi user accounts. For example, Populi user jimbob04 must also be Google Apps user If usernames and passwords don't match up, those users won't be able to log in after the integration!
  4. If you'd like to import calendars from Populi Calendar to Google Calendar, tell us which Calendars. We can import the Populi "School Calendar," but not individual Populi User Calendars. If you've already been using Google Calendar, importing Populi Calendars might duplicate events.
  5. Notify your users of the upcoming changes:
  • They will now log in to Google Apps with their Populi password.
  • They will need to update settings in desktop clients like Outlook and Thunderbird.
  • Their Populi Calendars—both personal and college—will disappear; they will receive automatic read-only subscriptions to your college's Google Shared Calendar.
  • Realize that Google only allows 25 calendars to be made per day. If you have 100 active courses, we need to start making calendars 4 days prior to the next step.
  • Set up a time with us to flip the switch (we really don't recommend the middle of a workday for this!). Depending on your email migration plan, you may need to point your MX records at Google right before we make the change.

    Give Populi an Administrator Account

    Once you've activated your free Google Apps for Education account, log in to the Apps control panel and create a Super Administrator account for Populi (e.g.; send the welcome email to Populi uses this account to automate user-creation (that is, add email and calendar accounts in Google Apps)—so make sure it has Super Administrator-level access!

    Check your SPF DNS Record

    Next, to ensure proper email delivery, have your IT staff ensure that your domain has an SPF DNS Record that looks something like this:

    v=spf1 a mx ~all

    This record tells anti-spam software that Populi is allowed to send mail on your behalf, so that email you send from Populi isn't automatically marked as spam.

    Feel free to contact us at if you have questions about this—it can be very difficult to figure out the exact form this record should take.

    Notify Populi Support

    Once you've completed the previous steps, let us know the Populi-specific username and password. We'll log in and modify the following settings:

    Over at . . .

    Search for Set up single sign-on (SSO) with a third party IdP and click on the top result.

    Click on Set up single sign-on (SSO).

    We'll upload a Verification certificate to ensure secure communication between Google and Populi. We'll also change the following settings:

    • Sign-in page URL:
    • Sign-out page URL:
    • Change password URL:
    • Check Use a domain specific issuer

    Search for API Access and click on the top result.

    We'll check Enable API Access. This allows Populi to automatically create and suspend Google Apps user accounts. (Note: this step may be deprecated due to recent design changes and the new App Access Control settings.)

    Then over at . . . 

    We'll create a new Project called Populi API. (Note: You may need to enable the developer console in the admin console. Search for Google Developers Console (or Google Cloud Platform))

    Search for Google Calendar API and enable it. 

    Admin SDK and enable it.

    Gmail API and enable it.

    Search for All Quotas. We'll set the Per-User Limit to 100,000 requests/second/user or whatever the maximum value is. It is very important to maximize the Quota for the Calendar API!

    Search for Service Accounts. We'll create a new account named Populi Service Account, set the Role to Project: Owner, and check the box for Furnish a new private key and Enable Google Apps Domain-wide Delegation.

    The Service Account JSON key should automatically download. This might only work in Google Chrome.

    Then over in Populi . . .

    Under Populi > Account > Account Settings > Integrations > Google Apps JSON Private Key, paste that JSON key you just downloaded.

    Under Populi > Account > Account Settings > Single Sign-On (IdP), set Should other applications be allowed to authenticate against Populi? to Always let other applications authenticate.

    Then back over in . . . 

    Go to Security->API Controls->App access control->Manage Domain Wide Delegation.

    Set the Client Name to the client_id as specified in the JSON private key you just downloaded.

    Set the Scopes to:,,,,

    Activate the Integration

    Once these settings are complete, we will confirm a time with you to activate the integration. At the agreed-upon time, we'll throw the switch and activate the integration!

    Once the integration is activated, any previous Google Apps passwords will no longer work—it will instead require a valid Populi username and password. Depending on your preference, we may change some Populi usernames to be the same as Google Apps usernames (or the other way around), but that should be fairly rare.

    Let your users know about this several days before the integration is activated. Explain to them how their login process to Google Apps will change.

    What happens in Populi now?

    Read more about this in Questions about Google Apps.


    You can add and suspend user accounts.

    When creating a new user, you'll now have the option to create a Google Apps account with the same username. Your users can now log in to Google Apps with their Populi credentials; those same credentials can even connect a desktop email client like Thunderbird or Outlook to GMail.

    Email and Calendar Apps

    New users will be automatically subscribed to your School Calendar. Users will see events from their personal calendars and the School Calendar on their Home Dashboard.

    Once logged into Populi, when you (or any of the users at your institution) click Email or Calendar, it will open the Gmail or Google Calendar accounts you have through your institution.

    Composing Email in Populi

    There are some limitations with how the Email integration works. To take advantage of some of the advanced Email features in Populi, Populi still uses the native Compose Email view. It opens when you click Email links within Populi (like "Email This Section", "Email Staff", etc.). Messages sent from Populi will show up in a new Sent From Populi folder in Gmail; nor will messages sent from Gmail appear anywhere in Populi.

    Use GMail for personal or unofficial correspondence.

    Use Populi for official, school-related correspondence, or anything that requires a public record, such as:

    • Anything you want to appear on a person's Activity Feed
    • Mailing Lists or One-Time Lists
    • Emailing students in a course, or groups of people found in Data Slicer Reports, or any other group-emailing you need to do
Was this article helpful?
4 out of 5 found this helpful
Submit a request


  • 0
    Steve Sutcliffe

    Perhaps this changed with the last few updates, but I'm unable to find Settings > Integrations

  • 0
    Lindsay Luecht

    Does Populi integrate with Google Docs?

  • 0
    Brendan O'Donnell


    It doesn't integrate in terms of functionality (i.e. embedding a Google word doc into a Lesson), but if you have Apps for Education and use Docs as part of that suite, your people would access it via signing in through Populi.

  • 0
    Shawn Maggard

    We have two mail domains, one is and the other is which helps us distinguish from a faculty or staff account from a student account. Is it possible to integrate both into Populi and keep the domain and subdomain?

  • 0
    Mark Ackerman


    Unfortunately, Populi can only integrate with Google Apps for Education on one domain, so you would have to pick either or This is a case of Populi being more strict than what Google allows. Google allows domain aliasing and the ability to have separate domains. Here's a link to Google's Help Article on the subject of having multiple domains:

    Despite Google's flexibility, we recommend having staff, faculty, and students all on the same root domain. You would never want to have be a different person than, since that would inevitably result in the staff member getting emails intended for the student, and perhaps vice-versa, if the sender has both addresses in his auto-complete database (Hello, FERPA nightmare). If you consolidated down to one domain, you could have as a domain alias in Google Apps for mail delivery continuity.

    I understand that you probably have additional reasons for wanting the subdomain, but unfortunately provisioning multiple, separate domains via Populi isn't an option right now.

    Thanks, Mark

  • 0
    Carlos Marin

    Would Populi be able to ask a school using Google Apps to talk to us regarding their experience with this? We'd like to explore it.

  • 0
    Mark Ackerman

    Hey Carlos, 

    I'll see if I can get someone in touch with you.  I'll follow up by email.



  • 0
    Chris Chiacchierini

    We already had students, staff and faculty using GA before we went live with Populi. We are just starting up with Populi and have not yet toggled our users to "Is A User" in Populi. When making the transition, the default username/email doesn't match the user's alternate email (the GA email address that was imported from our old system) in the "Edit User Access" pop up box. This would seem to indicate that we would have to manually enter each user's GA prefix to assure a match. Is there a way to have the pop up box pull the alternate email into the username/email field automatically? Manual entry would take time during which many users would not be able to access Google Apps.

  • 0
    Mark Ackerman

    Hi Chris,

    Typically, in a situation like yours, you would want to create Populi accounts for all of your GA users before integrating GA with Populi. We could create all of your Populi student user accounts in bulk based on the alternate email address, as well. However, the nomenclature for default usernames is fixed and not customizable at this time. I'll follow up with you in a support request so we can go through the details.



Article is closed for comments.