Click here to see your recently viewed pages and most viewed pages.

Secure Data Connector Developer's Guide: Overview

Google Secure Data Connector (SDC) is a client tool that you can use with Google Apps for Business or Education to connect gadgets, applications, and spreadsheets to data that is protected by a corporate firewall.

This guide assumes that you are familiar with Google Apps concepts and terminology. The Configuring section and the Google Gadgets tutorial assume an understanding of XML programming. The Google App Engine tutorial assumes an understanding of Java programming. The Installing section assumes an understanding of Linux terminology and commands.

See Prerequisites for software and system requirements.


  1. Introduction
  2. Understanding SDC
  3. Sample Connection Flow
  4. Prerequisites


SDC forms an encrypted connection between your data and Google Apps. SDC lets you control who in your domain can access which resources using Google Apps.

SDC works with Google Apps to provide data connectivity and enable IT administrators to control the data and services that are accessible in Google Apps. With SDC, you can build private gadgets, spreadsheets, and applications that interact with your existing corporate systems.

The following illustration shows SDC connection components.

Secure Data Connector Components

The steps are:

  1. Google Apps forwards authorized data requests from users who are within the Google Apps domain to the Google tunnel protocol servers.
  2. The tunnel servers validate that a user is authorized to make the request to the specified resource. Google tunnel servers are connected by an encrypted tunnel to SDC, which runs within a company's internal network.
  3. The tunnel protocol allows SDC to connect to a Google tunnel server, authenticate, and encrypt the data that flows across the Internet.
  4. SDC uses resource rules to validate if a user is authorized to make a request to a specified resource.
  5. An optional intranet firewall can be used to provide extra network security.
  6. SDC performs a network request to the specified resource or services.
  7. The service validates the signed request, checks the credentials, and if the user is authorized, returns the data.

Understanding SDC

Google provides an SDC reference implementation in open source that you can download from the SDC open source site and install within your corporate network.

SDC provides the following functionality:

  1. Secure link

    Encrypts connectivity between Google Apps and your network. Google Apps is the only external service that can make requests over this connection.

  2. Filters

    Limits the scope of the types of requests that can be routed over SDC. You can configure filters to limit which gadgets, spreadsheets, and App Engine applications may access which internal systems. Filters may also be used to control which users can access data from your internal systems within Google Apps. User-level filters augment the security provided by your internal systems for verifying users and originating applications. You may find it most flexible to manage filters broadly and continue to depend on endpoint authorization systems for fine-grained application access control.

  3. OAuth Signed Fetch

    Signed Fetch is an OpenSocial standard that adds authentication information to requests that are made through SDC. You can use OAuth to validate requests from Google and provide an additional layer of security to SDC filters. You can control access from your internal web service based on the user and source application and trust that these attributes, such as the user's email address, have originated from Google.

Sample Connection Flow

An example SDC connection flow with Google Apps is:

  1. A system administrator inside a domain activates SDC from the Google Apps Domain control panel. The activation process enables the administrator to specify a password that SDC uses to access Google Apps.
  2. The administrator modifies XML files for configuration and resource rule parameters, the latter indicates which users can access which domain resources.
  3. Starting the SDC service on the local server causes SDC to establish a continual connection between Google and the enterprise using the XML configuration files. For more information, see Configuring.
  4. Users work with Google Apps spreadsheets, gadgets, or App Engine applications that can access SDC to acquire data using:
    1. The import function in Google Spreadsheets (described in the Google Spreadsheets tutorial).
    2. The makeRequest API in a gadget in Google Sites (described in the Google Gadgets tutorial and the Google Visualization API tutorial).
    3. The urlFetch API in an application hosted on Google App Engine (described in the Google App Engine tutorial).
  5. Google Apps generates a request for an intranet resource.
  6. Google Apps checks the user and the application against the resource rules to ensure that the user has been granted access to the requested resource.
  7. If Google Apps grants access, Google Apps wraps the request inside the SOCKS protocol, encrypts the request, and sends the request across the Internet inside the established tunnel to an Agent.
  8. The SDC agent then issues the request to the relevant internal server within your corporate network, using the agent machine's DNS and routing configuration.
  9. The request arrives at the final destination, in this case, the web service application.
  10. After authentication, the request is returned and data travels back to the SDC agent, which encrypts the data, and sends the data up the tunnel to Google Apps.
  11. A Google Spreadsheets user gets data, the gadgets display data or populate forms, and an application processes and provides data access. Any authorized user in your Google Apps domain is able to make requests to private data in this fashion.


The following prerequisites are required to use SDC:

  • Google Apps for Business or Education
  • Administrator account for your Google Apps Domain to install and configure the SDC software
  • Root access to a Linux machine

System Requirements

  • Operating System: Linux, for example Ubuntu, Red Hat, or Debian
  • System Memory: 1 GB recommended
  • Disk Space: 200 MB for software installation, 2 GB for log files
  • CPU: Pentium D 2.4 GHz or faster (or equivalent AMD CPU) 32-bit or 64-bit
  • Ports: Open outgoing TCP port 443 to

Software Notes:

  • SDC enables requests from Google to route and resolve to resources within your corporate network. Developers can treat internal URLs as you would open URLs on the Internet. You can configure SDC by modifying the resourceRules.xml file, which controls how SDC forwards resource requests between the corporate domain and Google Apps.
  • SDC authenticates to Google by use of standard X.509 certificates in the SSLv3/TLS handshake. SDC uses standard Internet protocols to enable maximum compatibility with your enterprise. SDC resides within your enterprise and uses your IP and DNS infrastructure to resolve internal resources. Unlike a traditional VPN, SDC only supports inbound data requests that originate from Google Apps. Hosts inside the firewall cannot make direct requests to SDC.


The following sections enable you to learn, test, and work with SDC: