Google Workspace subscription and Admin Account
- In Google Cloud create Google Cloud project Create a Google Cloud project | Google Workspace | Google for Developers
- Cloud project manages APIs and Access Control. So, each endpoint setup in Aparavi Platform is likely supposed to have a dedicated pre-configured Google Cloud project.
- Create Service Account in the Google Cloud Create service accounts | IAM Documentation | Google Cloud
- Enable Identity and Access Management (IAM) API to your project in order to create Service Account (just follow the manual).
- After Service Account created, Service Account Key file with authentication information will be downloaded. Store this file securely, it will be used for authenticating connections to Google Workspace.
- [ALT] Create Service Account Key and download the file with authentication information. Store this file securely, it will be used for authenticating connections to Google Workspace.
- Enable Google Drive API in Google Cloud Enable and disable APIs – API Console Help
- Enable Google Drive API in Google Workspace Enable Google Workspace APIs | Google for Developers
- Enable Admin SDK API in Google Workspace Enable Google Workspace APIs | Google for Developers
- Delegate Admin Account to Service Account Create access credentials | Google Workspace | Google for Developers
In order to access Google Workspace resources, Google Cloud Service must impersonate as Google Workspace Admin.
-
- In Admin Console go to Security/API Controls/Domain-wide Delegation and add to Service Account the follow authorization scopeshttps://www.googleapis.com/auth/admin.directory.user.readonly
https://www.googleapis.com/auth/drive (or https://www.googleapis.com/auth/drive.readonly)
- In Admin Console go to Security/API Controls/Domain-wide Delegation and add to Service Account the follow authorization scopeshttps://www.googleapis.com/auth/admin.directory.user.readonly
