Google Workspace Provisioning Error "Failed to download custom objects. Unauthorized operation for the given domain"
Dec 9, 2025
Okta Integration Network
Overview

Google Workspace provisioning flow fails with the following error visible in the Okta dashboard:

Automatic provisioning of user <username> to app Google Workspace failed: Failed to download custom objects. Unauthorized operation for the given domain


 
Applies To
  • Google Workspace
  • Provisioning
  • Error
Cause
The permissions for the account used to create the API connection are incorrect on the Google Workspace side. Permissions of the account may have changed, and it is not the Google Workspace Admin account.
Solution

When enabling provisioning in Okta and choosing the Google Workspace admin credentials for the integration, always use a system account.

  1. Go to Okta Admin Console and navigate to Applications > Applications > Google Workspace > Provisioning > Integration > click the Edit button.
  2. Click Re-authenticate with Google Workspace.

    Integration 

  3. Enter the Google Workspace Admin account credentials:

  • Enter the admin username.
  • Enter the admin password.
  • Review the list of permissions Google will grant Okta in the Google Workspace tenant. If acceptable, click Allow.
  1. On the Provisioning page in Okta, a message will confirm successful authentication. Click Save.
  2. Attempt the failed tasks again. Navigate to Dashboard > Tasks. Any failed assignments should appear under Tasks.

 image.png

  1. After identifying the failed task for the user that should be retried, click on Retry Selected.


Related References


 

Recommended content

No recommended content found...
Still looking for help?