My use case is building a custom Salesforce connector that can be used by Gemini Enterprise users. For IdP we used Google Workspace-based authentication / native Google Identity Platform.
I am reading this documentation link about building a custom connector. What is not clear is the authentication and authorization part. From what I understand, both the GE app end user and the custom connector need to get authenticated and authorized.
The heading “ACLs and Identity mapping” in the above link mentions 2 methods to set up Authn and Authz. Is PureACLs the way to go for my use case since I am using a Google Workspace account as an IdP?
Also, the link does not mention the deployment options for the custom connector. I know GCP marketplace is the ideal solution but we want to release it as a private connector. Do I need to package the connector code as a Cloud Run service?
Note: The custom connector would be ingestion-based, not federated, so any recommendations here
I believe this is based on how the integration works for Salesforce: are they using a specific user_id on the resources, or email addresses?
Now the problem is: what kind of connector are you building? Is it based on the official Salesforce API? What kind of export does the official Salesforce API support? Because custom data stores work by storing documents with metadata, I’m sure a custom connector is more like the federated way.
Are you using any MCP for this integration? I’m also really interested in implementing something internally, but couldn’t find a cool way. It’s really painful to integrate Salesforce, AFAIK!
Have you checked this one out? → Connect Salesforce | Gemini Enterprise | Google Cloud Documentation
Btw, V2 explicitly requires a Salesforce Enterprise or Developer plan; trial orgs are not supported.
Depending on the use case, ingesting to BigQuery generally provides enormous benefits for deterministic analysis and reporting. Knowledge Catalog provides easy methods for profiling, describing, monitoring, and securing all SF and associated platform data. On the Gemini Enterprise side the Data Analytics, Conversational Analytics, or custom agents provide the natural language to semantic marriage.
Thanks @jortony, yes, I agree with you. The question is: is the scope tied to the data source connector, or does it rest in building a separate AI agent?
Hopped into a meeting and hit enter too quickly =)
By building golden tables specific to role reporting you can avoid the connector ACLs and instead manage access to the data by managing access to the agents. This approach is easier to manage for smaller teams, but if you’re productizing custom connectors for deployment into other environments, then WIF is inevitably going to be valuable; though I would caution that the speed of innovation in the connector space (e.g. open source, Integration Connectors, etc.) might undermine connector products before you achieve market visibility.
I did not fully understand but I get the gist. GE has support for BYO-MCP now, probably the way to build federation-based custom connectors @jortony.