How do I Setup a G Suite Connector?

Setting up server authentication with GSuite

Create a Google API Project

1.     Create a new Google APIs project under your google developer console which should direct you to your main project window.

a.     Sample: https://console.developers.google.com/XXXXXX/projects

b.     If you already have a project, go to https://console.developers.google.com/apis and select your project from the upper right drop-down list.

2.     After the project has been created you need to enable the following APIs:

a.     Go here: https://console.developers.google.com/apis.

                                                  i.    Google Drive API

                                                 ii.    Admin SDK

b.     Note: If they are not enabled, select from the “Google APIs” pane and click Enable for each one.

 

Create a service account with a private key file

1.     Select your new project and on the left side menu select “Service accounts”.

 

service_accounts.png

 

2.     Click on “Create Service Account”.

 

create_service_account.png

 

3.     Create a name for your new account and check the following:

a.     Furnish a new private key” with key type “P12”

b.      “Enable G Suite Domain-wide Delegation”. 

                                                  i.    Add a consent screen name if prompted.

 

service_account_name.png

 

4.     Generate and save the P12 file in a safe location.

a.     note the private key’s password (you will use them from SkySync to authenticate with G Suite.)

5.       Click on “View Client ID” for the service account you just created and record this for later use. 

 

 

Delegating domain-wide authority to the service account

1.       From a new browser window go to your G Suite administrative console: https://admin.google.com.

 

 

2.     Click on “Security” icon. If you don’t see it, click on “More Controls” at the bottom of the screen.

 

security.png

 

3.     Click on “Show more”, then “Advanced Settings”.

 

advanced_settings.png

 

advanced_settings.png

 

4.     Click on “Manage API client access”.

 

manage_api_client_access.png

 

5.     Under “Client Name”, paste the “Client ID” shown on the service account browser window left open on the “Create service account” section.

6.     Under “One or More API Scopes”, paste the following: 
https://www.googleapis.com/auth/admin.directory.group.readonly,https://www.googleapis.com/auth/admin.directory.user.readonly,https://www.googleapis.com/auth/drive

7.     Click on “Authorize”.

 

client_name.png

 

 

Create a new connection in SkySync

1.     From SkySync, click on “New Connection” and select “G Suite”.

2.     Type your G Suite user email address. The domain should automatically populate.

3.     Click on “Service Account”. In the popup window, paste the service account email address shown under the name on the service account browser window left open on the “Create service account” section.

4.     Click on “Choose private key”.

5.     Click on “Private Key File” and a file browser will pop up. Select the p12 file you generated above.

6.     Under “Private Key Password”, type the private key’s password noted above when you generated the key.

7.     Press ok on all dialogs.

 

Reference

https://developers.google.com/accounts/docs/OAuth2ServiceAccount

 

Please contact Portal Architects support for assistance with this article.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk