Issues / #122
Wire /setup/google-workspace tile to the existing iamnim OAuth path
open
feature
Project: iamnim
Reporter:
11 May 2026 09:52
Description
Grove's Connect Google Workspace tile currently links to `/setup/google-workspace`, which 404s. Per the existing onboarding architecture (Google Drive consent via iamnim → refresh tokens in Pantheon per-org), the OAuth path already exists somewhere; this issue is about wiring the tile to it.
**Pieces:**
- Identify the canonical iamnim OAuth-start URL for Google Workspace, parameterized by org_slug.
- Update `nimsforestgrove/internal/web/integrations.go` `DefaultIntegrations[].SetupURL` to point at it (or a thin redirect endpoint on grove that adds the org_slug).
- After successful OAuth, ensure the refresh token + selected shared_drive_ids land in mycelium's vending proxy at the path `/api/integrations/{org_slug}/google_drive` (the existing GET endpoint that nimsforestgoogleworkspace polls every 5 min). The googleworkspace retry loop will then pick up the new creds live, mount the bedrock, and the grove tile disappears.
**Things to verify in the existing codebase before scoping work:**
- Does iamnim already accept a redirect_uri / final return URL? If yes, the tile just needs the right link.
- Does mycelium already accept POSTs to `/api/integrations/{org_slug}/google_drive` from iamnim? If yes, no new endpoint needed.
**Verification:** click Connect, complete Google consent, return to org dashboard, tile disappears within 5 min (the googleworkspace retry interval), Drive cards start appearing under `organize.<slug>.mynimsforest.com/browse/google-drive/`.
**Pieces:**
- Identify the canonical iamnim OAuth-start URL for Google Workspace, parameterized by org_slug.
- Update `nimsforestgrove/internal/web/integrations.go` `DefaultIntegrations[].SetupURL` to point at it (or a thin redirect endpoint on grove that adds the org_slug).
- After successful OAuth, ensure the refresh token + selected shared_drive_ids land in mycelium's vending proxy at the path `/api/integrations/{org_slug}/google_drive` (the existing GET endpoint that nimsforestgoogleworkspace polls every 5 min). The googleworkspace retry loop will then pick up the new creds live, mount the bedrock, and the grove tile disappears.
**Things to verify in the existing codebase before scoping work:**
- Does iamnim already accept a redirect_uri / final return URL? If yes, the tile just needs the right link.
- Does mycelium already accept POSTs to `/api/integrations/{org_slug}/google_drive` from iamnim? If yes, no new endpoint needed.
**Verification:** click Connect, complete Google consent, return to org dashboard, tile disappears within 5 min (the googleworkspace retry interval), Drive cards start appearing under `organize.<slug>.mynimsforest.com/browse/google-drive/`.