Below are common questions about setting up Change Password Notifier for Active Directory (CPN for AD) on devices in your organization.
Outbound traffic allowlist: Which URLs does CPN for AD need to call from my AD domain controllers?
- The API to get the OAuth2 token needed to authorize the request: https://oauth2.googleapis.com/token
- The device token API: https://chromedevicetoken.googleapis.com/v1/users:invalidateToken
No.
You must install CPN for AD on all domain controllers that might be used for password changes from your ChromeOS users.
There are some integrations with major identity providers and an API for integration with custom identity solutions available. For details, see step 1 in Keep local ChromeOS and SAML SSO passwords in sync.
Google and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.