Setting up G Suite service account
Last updated
Was this helpful?
Salesforce Sync
Last updated
Was this helpful?
To generate service-account credentials, or to view the public credentials that you've already generated, do the following in your Google API Console:
Open the .
If prompted, select a project, or create a new one. Refer to if creating a new project, the following API's need to be enabled: Gmail API, Google Calendar API, Contacts API, Google People API, and Tasks API.
Click Create service account.
Under Service account details, type a name, ID, and description for the service account, then click Done.
Optional: Under Service account permissions, select the IAM roles to grant to the service account, then click Continue.
Optional: Under Grant users access to this service account, add the users or groups that are allowed to use and manage the service account.
From the main "Service accounts" screen select the newly created account
Click the Enable G Suite Domain-wide Delegation button to activate this feature (if it is not already enabled). Copy the Unique ID, as it will be needed later. Click ADD KEY to create a new JSON key if there is no key yet (you will need to upload this key). Then save the form.
Now an administrator of the G Suite domain needs to delegate authority to the service account, using the Unique ID value you copied.
In the Domain wide delegation pane, select Manage Domain Wide Delegation.
Click Add new.
In the Client ID field, enter the service account's Unique ID that you have copied.
In the OAuth scopes (comma-delimited) field, enter the list of scopes that your application should be granted access to. You will need these scopes: email,
https://www.googleapis.com/auth/gmai.modify, https://www.googleapis.com/auth/gmail.send, https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/contacts, https://www.googleapis.com/auth/tasks
Click Authorize.
From your G Suite domain’s , go to Main menu menu > Security > Advanced settings [API Controls].
