Sync user accounts from Google Workspace to Apple Business Essentials
You can sync user accounts from Google Workspace into Apple Business Essentials. When this occurs, you merge Apple Business Essentials properties (such as roles) with user account data imported from Google Workspace. The account information is added as read-only until you turn off syncing. At that time, the accounts become manual accounts, and attributes in these accounts can then be edited.
The initial sync takes longer to perform than subsequent cycles.
Note: Syncing user groups isn’t supported.
Before you begin
Before you sync to Google Workspace using an OIDC connection, you must do the following:
If necessary, configure and verify the domain you want to use. See Add and verify a domain. If you’ve already verified the domain you want to federate with Google Workspace, you can skip this process.
Configure, federate, and enable a domain. See Use federated authentication with Google Workspace.
Have on call a Google Workspace administrator with permissions to edit Google Workspace settings.
Google Workspace user accounts and Apple Business Essentials
When a user account is synced from Google Workspace to Apple Business Essentials, the default role is Staff. After the sync is complete, only the Roles user attribute can be edited. This attribute is stored with the user account in Apple Business Essentials and isn’t written back to Google Workspace.
Sign-in attribute
Apple Business Essentials requires that the attribute used for the Managed Apple Account be unique. This is normally the user’s email address. If a user has an attribute that’s exactly the same as an existing Apple Business Essentials user with the role of Administrator, no syncing is performed and the source field remains unchanged.
Person ID
When a Google Workspace user account is synced to Apple Business Essentials, a Person ID is created for the Apple Business Essentials user account. The Person ID is used to identify conflicting user accounts.
Important considerations if you modify the Person ID:
If you modify the Person ID for a user account previously imported from Google Workspace, that user account is no longer paired with Google Workspace.
If you modify the Person ID for a user account previously imported from Google Workspace and want to reconnect the user account, you must resolve the conflict.
Turn on Google Workspace Sync
In Apple Business Essentials, sign in with a user that has the role of Administrator or People Manager.
Select your name at the bottom of the sidebar, select Preferences
, then select Managed Apple Accounts 
.Under Directory Sync, turn on Google Workspace Sync.