feat: add directory provisioning support for connections

docs/resource-specific-documentation.md

@@ -121,6 +121,61 @@ Contents of `promptName_screenName.json`
 }
 ```
 
+## Connections (Google Workspace directory provisioning)
+
+The Deploy CLI supports managing the `directory_provisioning_configuration` for Google Workspace (`google-apps`) connections. Only `google-apps` connections are processed for directory provisioning; other strategies will ignore this block. Deleting directory provisioning requires `AUTH0_ALLOW_DELETE=true`.
+
+The `mapping` array pairs Auth0 user fields with IdP fields, and `synchronize_automatically` controls whether Auth0 runs scheduled sync jobs for the connection.
+
+**YAML Example**
+
+```yaml
+connections:
+  - name: google-workspace
+    strategy: google-apps
+    options:
+      domain: example.com
+      tenant_domain: example.com
+      client_id: 'some_client_id'
+      client_secret: 'some_client_secret'
+      api_enable_users: true
+    directory_provisioning_configuration:
+      mapping:
+        - auth0: email
+          idp: mail
+        - auth0: name
+          idp: displayName
+      synchronize_automatically: false
+```
+
+**Directory Example**
+
+```
+./connections/google-apps-directory-provisioning.json
+```
+
+```json
+{
+  "name": "google-apps-directory-provisioning",
+  "strategy": "google-apps",
+  "enabled_clients": ["My SPA"],
+  "options": {
+    "domain": "example.com",
+    "tenant_domain": "example.com",
+    "client_id": "some_client_id",
+    "client_secret": "some_client_secret",
+    "api_enable_users": true
+  },
+  "directory_provisioning_configuration": {
+    "mapping": [
+      { "auth0": "email", "idp": "mail" },
+      { "auth0": "name", "idp": "displayName" }
+    ],
+    "synchronize_automatically": false
+  }
+}
+```
+
 ## Databases
 
 When managing database connections, the values of `options.customScripts` point to specific javascript files relative to

examples/directory/connections/google-apps.json

@@ -0,0 +1,21 @@
+{
+  "name": "google-apps-directory-provisioning",
+  "strategy": "google-apps",
+  "enabled_clients": [
+    "My SPA"
+  ],
+  "options": {
+    "domain": "example.com",
+    "tenant_domain": "example.com",
+    "client_id": "some_client_id",
+    "client_secret": "some_client_secret",
+    "api_enable_users": true
+  },
+  "directory_provisioning_configuration": {
+    "mapping": [
+      { "auth0": "email", "idp": "mail" },
+      { "auth0": "name", "idp": "displayName" }
+    ],
+    "synchronize_automatically": false
+  }
+}

examples/yaml/tenant.yaml

@@ -111,6 +111,24 @@ connections:
       ext_groups: true
     # Add other connection settings (https://auth0.com/docs/api/management/v2#!/Connections/post_connections)
 
+  - name: "google-workspace"
+    strategy: "google-apps"
+    enabled_clients:
+      - "My SPA"
+    options:
+      domain: "example.com"
+      tenant_domain: "example.com"
+      client_id: 'some_client_id'
+      client_secret: 'some_client_secret'
+      api_enable_users: true
+    directory_provisioning_configuration:
+      mapping:
+        - auth0: "email"
+          idp: "mail"
+        - auth0: "name"
+          idp: "displayName"
+      synchronize_automatically: false
+
 
 resourceServers:
   -