2. Create a Service Account

In order for Space Connect to seamlessly integrate with user calendars, we require a Service Account to be established. Follow the below steps to set up a Space Connect service account:

Step 1:

Log into Google Cloud Platform and click API & Services. Select the 'Credentials' menu item.

Google9

Step 2:

Click on the 'Create Credentials' button and select 'Service account' tab.

Google10

Step 3:

Select 'Service Account' and enter the below details to create the service account.

New Service Account Details

  1. Service Account Name = SpaceConnect Service Account
  2. Role = Project Owner
  3. Step 3 can be left blank.
  4. Click 'Done'
  5. Click on the pencil icon to the right of the new service account to get the the edit credentials page
  6. Click 'Add Key' and select 'Create new key'
  7. Key Type = P12
  8. Create + Save the File

Step 4:

After you select the ‘Create’ button, the P12 file will automatically download. The New private key details will display and show you the private key password.

NOTE: You will need to record the private key password as you will need these later.

Google12

Step 5:

Select 'SHOW DOMAIN-WIDE DELEGATION'. Click on Enable G Suite Domain-wide Delegation. This will create a Client ID for service the account.

Step 6:

Enter 'Space Connect' in the 'Product name for the consent screen'.

Google11

Step 7:

Select the 'SAVE' button.

Step 8:

Go to API Manager and select the Credentials menu item. Record the Client ID of the service account in the OAuth 2.0 client IDs section as you will need this later.

Step 9:

Sign in to the Google Admin Console.

Step 10:

From the dashboard, select the Security icon.

Google13

Step 11:

Select the "API Controls" menu.

Google14

Step 12:

Select Manage 'Domain Wide Delegation'. Click "Add New"

Google15

Step 13:

Copy and paste the Client ID you recorded in Step 8 and copy the following scopes in the One or More API Scopes field and click on the Authorize button.

Scopes:
https://www.googleapis.com/auth/admin.directory.group
https://www.googleapis.com/auth/admin.directory.group.readonly
https://www.googleapis.com/auth/admin.directory.user
https://www.googleapis.com/auth/admin.directory.user.readonly
https://www.googleapis.com/auth/calendar
https://www.googleapis.com/auth/admin.directory.resource.calendar https://www.googleapis.com/auth/admin.directory.resource.calendar.readonly
https://www.googleapis.com/auth/userinfo.profile
https://www.googleapis.com/auth/userinfo.email

Tick the box for "Trust Internal Domains"

Step 14 : Manage Third-Party App ccess

Go to Security -> API controls

Click “MANAGE THIRD-PARTY APP ACCESS”

Step 15: Confirm Trusted access

Check that the following two Apps are listed and configured as trusted.

Gooogle

Step 16 : Add application

If the app is already listed, then no further action is required for this stage and you can move to next step.

However, if the applications are not configured, then configure as follows:

    • Click “Configure new app”
    • Choose “OAuth App Name or Client ID”
    • Search for “328262629650-uuku5noiqri1a7buh0o46gk22v1apbvp.apps.googleusercontent.com”
    • Make the App “Trusted”.
    • Do the same process but for “328262629650-hihtd4jabrfsept43jmpolpqt5vb84r4.apps.googleusercontent.com”
Once you have completed these steps you can move to the next stage.