Configuring Google Workspace for Google Meet integration
This topic explains the Google Workspace configuration steps that are required when integrating Pexip Infinity with Google Meet.
It covers the following processes:
You can configure your Google Meet settings from the Google Admin console via .
For more information about setting up Google interoperability, see https://support.google.com/a/answer/7673980.
Gateway access tokens are the private codes assigned to your Workspace account that are used by Pexip Infinity when it routes calls into your Google Meet conferences. Tokens can be defined as "trusted" or "untrusted", see Enabling access and admitting external participants into Google Meet conferences for details.
The generated tokens are only displayed once in Google Workspace, at the time of creating them. These tokens need to be configured on your Pexip Infinity system. Therefore you should have your Pexip Infinity Administrator interface open and available at the same time as you are generating the tokens within Google Workspace.
To set up your trusted and untrusted gateway access tokens from the Google Workspace administrator console:
- Go to Apps > Google Workspace > Google Meet > Gateways for Interoperability.
- Select .
Enter a gateway name, for example the domain of your Pexip Infinity deployment plus a "trusted" or "untrusted" label, for example "example.com (trusted)".
You are shown the generated access token.
This is the token you must enter into Pexip Infinity.
Use the option toto your clipboard.
This is the only time you will be able to see the token before it is stored and encrypted in Google Workspace.
Switch to your Pexip Infinity Administrator interface and configure this gateway token in Pexip Infinity:
- Go to and select .
Add the details of your token:
Name The name that you specify here is used elsewhere in the Pexip Infinity interface when associating the token with a Call Routing Rule or Virtual Reception, so we recommend including an indication if it is your trusted or untrusted token. Access token
Paste in the access token from your clipboard.
- Select .
- You can now return to the Google Workspace console and the token dialog.
- Use the button to set the token to either trusted or untrusted as appropriate.
If you want to create a trusted and an untrusted token, repeat the above steps to generate the second gateway token.
You can create as many trusted and untrusted gateways as required, although one of each type is normally sufficient. Service providers may need to apply multiple pairs of access tokens for each tenant they are managing.
See Configuring Pexip Infinity as a Google Meet gateway for more information about Pexip Infinity configuration requirements.
You also need to enable Google Meet interoperability to allow other systems to dial into your Google Meet calls. You do this via Apps > Google Workspace > Google Meet and then configure the Meet video settings and select the Interoperability settings.
You should configure the followingoptions:
|Allow interoperability with other systems||
Select this option to enable gateway interoperability and to configure the other settings.
By default, interoperability is made available to everyone in the organization; see Controlling access to gateway interoperability for details about how to limit access.
|Meeting ID length||
You have three options for setting the length of the meeting ID that is generated by Google:
See https://support.google.com/a/answer/7673980 for more information about meeting IDs.
We recommend using Long meeting IDs.
If you are transitioning from short to long IDs then you can switch immediately to long IDs. Any existing or recurring meetings created with short IDs will still work, but they will continue to only have short IDs. You must ensure that your Call Routing Rules continue to match short and long IDs for the transition period (see this guidance for your regex).
|Gateway IP address and Gateway hostname||
The IP address and hostname address you specify here are used when Google Meet generates the addresses that allow third-party systems to access the conference. They are used to direct callers to your Pexip Infinity Conferencing Nodes that will then connect them into the Google Meet conference.
Ensure that you refer to Conferencing Nodes that will be routable from those systems and devices that will be using those dial-in addresses.
See DNS record examples for more information about enabling endpoints to route their calls to Conferencing Nodes.
|Meeting ID prefix||
This prefix applies to short meeting IDs only. If configured, it is prepended to the generated short meeting ID. It can then also be part of any regex-based validation within Pexip Infinity when users are entering meeting IDs.
Note that you cannot control the overall length of the generated short meeting ID.
Provide an additional gateway for Skype for Business users
In most cases this option is not required and should not be selected — normally the address shown via the "More joining options" link in the calendar event or invite is suitable for both SIP devices and Skype for Business users to join your meetings (as they will typically use the same Gateway hostname domain).
Only select this option if you use a different domain for Skype for Business and you need to generate a separate joining address for Skype for Business users. In which case, select this option and specify the domain used for Skype for Business calls as the Hostname.
When you enable gateway interoperability (by selecting Allow interoperability with other systems), it is made available by default to everyone in the organization.
However, you can restrict access to the interoperability functionality to specific Organizational Units (OUs) or groups, although it is not currently possible to enable it for individual users. See https://support.google.com/a/answer/9493952 for more details about how to do this.
- You can configure a subset of specific OUs/groups for interop access before turning on the main Allow interoperability with other systems to avoid temporarily making it available to everybody in the organization. If you subsequently want to broaden the access you can add other OUs/groups or just enable it for everybody in the organization.
- The access tokens apply to the entire Google Workspace tenant (i.e. to all specified OUs, groups or the entire organization, as appropriate).