Summary: This article contains step-by-step instructions on how to create and configure a project in Google Cloud Platform to manage Google Workspace in Cayosoft Administrator.
Applies to: Cayosoft Administrator 9.1.0 or later
ID: KB20220211-1
Content:
Required prerequisites
- Install PSGSuite PowerShell module from PowerShell Gallery: https://www.powershellgallery.com/packages/PSGSuite/
Create a new project in Google Cloud Platform
- Sign in to https://console.developers.google.com using a Google account.
- Click Create Project.
- Specify project name.
- Click Create.
Enable the APIs
-
- In the Navigation menu in Google Cloud Platform select APIs & Services > Library.
- In the API Library search one by one for the following APIs and enable them:
- Admin SDK
- Contacts API
- Drive Activity API (Apps Activity API v2)
- Enterprise License Manager API
- Gmail API
- Google Calendar API
- Google Classroom API
- Google Docs API
- Google Drive API
- Google Sheets API
- Google Slides API
- Groups Settings API
- Hangouts Chat API
- People API
Create Service Account
- In the Navigation menu in Google Cloud Platform select IAM & Admin > Service Accounts.
- Click Create Service Account.
- Specify the Service Account name.
- Service Account ID will be generated automatically.
- Click Create and Continue.
- In the Grant this service account access to this project select Owner role.
- Click Done.
- On the created Service Account click the Details tab - save Email and Unique ID in a Notepad, you will need them when you fill out the Google Workspace extension in the Cayosoft Administrator Console.
Create the key for the Service Account
- Select the created Service Account and in the Actions menu click Manage Keys.
- Click Add Kye > Create a new key.
- Select P12 key type.
- Click Create - the key file will be generated and downloaded automatically.
Note: Store the key file and private key password securely. You will need the key file, service account Unique ID, and Email when configuring the Google Workspace extension in the Cayosoft Administrator console.
- Click Close.
Check that APIs are enabled
- In the Navigation menu in Google Cloud Platform select APIs & Services > Enabled APIs & services.
- Scroll down to the list of APIs and check that the following APIs are added to the list:
- Admin SDK
- Contacts API
- Drive Activity API (Apps Activity API v2)
- Enterprise License Manager API
- Gmail API
- Google Calendar API
- Google Classroom API
- Google Docs API
- Google Drive API
- Google Sheets API
- Google Slides API
- Groups Settings API
- Hangouts Chat API
- People API
Add API Client Access in Google Admin Console
- Sign in to https://admin.google.com/ using a Google Admin account.
- In Navigation menu select Secutiry > Access and data control > API Controls.
- Scroll down to Domain Wide Delegation and click Manage Domain Wide Delegation.
- Click Add new.
- On Add a new client ID form specify Unique ID of created Service Account.
- In OAuth Scopes specify the list of allowed APIs - copy\paste this APIS list:
https://apps-apis.google.com/a/feeds/emailsettings/2.0/,
https://mail.google.com/,
https://sites.google.com/feeds,
https://www.google.com/m8/feeds/contacts,
https://www.googleapis.com/auth/activity,
https://www.googleapis.com/auth/admin.datatransfer,
https://www.googleapis.com/auth/admin.directory.customer,
https://www.googleapis.com/auth/admin.directory.device.chromeos,
https://www.googleapis.com/auth/admin.directory.device.mobile,
https://www.googleapis.com/auth/admin.directory.domain,
https://www.googleapis.com/auth/admin.directory.group,
https://www.googleapis.com/auth/admin.directory.orgunit,
https://www.googleapis.com/auth/admin.directory.resource.calendar,
https://www.googleapis.com/auth/admin.directory.rolemanagement,
https://www.googleapis.com/auth/admin.directory.rolemanagement.readonly,
https://www.googleapis.com/auth/admin.directory.user,
https://www.googleapis.com/auth/admin.directory.user.readonly,
https://www.googleapis.com/auth/admin.directory.user.security,
https://www.googleapis.com/auth/admin.directory.userschema,
https://www.googleapis.com/auth/admin.reports.audit.readonly,
https://www.googleapis.com/auth/admin.reports.usage.readonly,
https://www.googleapis.com/auth/apps.groups.settings,
https://www.googleapis.com/auth/apps.licensing,
https://www.googleapis.com/auth/calendar,
https://www.googleapis.com/auth/chat.bot,
https://www.googleapis.com/auth/classroom.announcements,
https://www.googleapis.com/auth/classroom.courses,
https://www.googleapis.com/auth/classroom.coursework.me,
https://www.googleapis.com/auth/classroom.coursework.students,
https://www.googleapis.com/auth/classroom.guardianlinks.students,
https://www.googleapis.com/auth/classroom.profile.emails,
https://www.googleapis.com/auth/classroom.profile.photos,
https://www.googleapis.com/auth/classroom.push-notifications,
https://www.googleapis.com/auth/classroom.rosters,
https://www.googleapis.com/auth/classroom.rosters.readonly,
https://www.googleapis.com/auth/drive,
https://www.googleapis.com/auth/gmail.settings.basic,
https://www.googleapis.com/auth/gmail.settings.sharing,
https://www.googleapis.com/auth/plus.login,
https://www.googleapis.com/auth/plus.me,
https://www.googleapis.com/auth/tasks,
https://www.googleapis.com/auth/tasks.readonly,
https://www.googleapis.com/auth/userinfo.email,
https://www.googleapis.com/auth/userinfo.profile - Click Authorize.
Configure Google Workspace extension in Cayosoft Administrator Console
- In Admin Console navigate to Home > Configuration > Connected Systems Extensions > Google Workspace (Beta).
- Configure the extension as it is described in the Google Workspace (Beta) extension settings – Cayosoft Help Center.
- Click Check Settings to validate the specified settings and verify that the specified credentials are correct.
List of automation rules and web actions for Google Workspace management
- New User web action (Google)
- Properties web action (Google user)
- Delete web action (Google user)
- Text file | Create Google Users rule
- Text file | DynamicAttributes Update Google Users Properties rule
Comments
0 comments
Please sign in to leave a comment.