2. Create a Service Account

In order for Space Connect to seamlessly integrate with user calendars, we require a Service Account to be established. Follow the below steps to set up a Space Connect service account:

Step 1:

Log into Google Cloud Platform and click API & Services. Select the 'Credentials' menu item.

Google9

Step 2:

Click on the 'Create Credentials' button and select 'Service account' tab.

Google10

Step 3:

Select 'Service Account' and enter the below details to create the service account.

New Service Account Details

  1. Service Account Name = SpaceConnect Service Account
  2. Role = Project Owner
  3. Step 3 can be left blank.
  4. Click 'Done'
  5. Click on the pencil icon to the right of the new service account to get the edit credentials page
  6. Click 'Add Key' and select 'Create new key'
  7. Key Type = P12
  8. Create + Save the File

Step 4:

After you select the ‘Create’ button, the P12 file will automatically download. The New private key details will display and show you the private key password.

NOTE: You will need to record the private key password as you will need these later.

Google12

Step 5:

 In Google Cloud Platform, select left menu APIs & Services > OAuth consent screen

 

Step 6:

Make sure the project “Space Connect” is selected and then tick the option “External” and select [CREATE]

Step 7:

Edit app registration. Follow the breadcrumbs: 

In “step 1 - OAuth consent screen” inform the following :

  • App name: Space Connect 
  • User support name: inform the email of an administrator
  • Developer contact information: inform the email of an administrator
  • Click [SAVE AND CONTINUE]

In step 2 - “Scopes”:

  • Click [SAVE AND CONTINUE]

In step 3 - “Test Users”:

  • Click [SAVE AND CONTINUE]

In step 4 - “Summary”: 

  • Scroll to the bottom of the page and click [BACK TO DASHBOARD].

  1. Go back to the Credentials tab.
  2. Click on the pencil icon to the right of the new service account to get the edit credentials page.
  3. Click on 'Show Advanced Settings'
  4. Click the below:
    Then press 'Continue'

Step 8:

Go to API Manager and select the Credentials menu item. Record the Client ID of the service account in the OAuth 2.0 client IDs section as you will need this later.

Step 9: Create the apps & set the scopes

Sign in to the Google Admin Console.

Step 10:

From the dashboard, select the Security icon.

Google13

Step 11:

Select the "API Controls" menu.

Google14

Step 12:

Select Manage 'Domain Wide Delegation'. Click "Add New"

Google15

Step 13:

Copy and paste the Client ID you recorded in Step 8 and copy the following scopes in the One or More API Scopes field and click on the Authorize button.

Scopes:
  • https://www.googleapis.com/auth/admin.directory.group.readonly
  • https://www.googleapis.com/auth/admin.directory.user.readonly
  • https://www.googleapis.com/auth/calendar.readonly
  • https://www.googleapis.com/auth/calendar.events
  • https://www.googleapis.com/auth/admin.directory.resource.calendar
  • https://www.googleapis.com/auth/userinfo.profile
  • https://www.googleapis.com/auth/userinfo.email
  • https://www.googleapis.com/auth/admin.directory.group.member.readonly 

Tick the box for "Trust Internal Domains"


Step 14: Manage Third-Party App access

Go to Security -> API controls

Click “MANAGE THIRD-PARTY APP ACCESS”

Step 15: Confirm Trusted access

Check that the following two Apps are listed and configured as trusted.

Gooogle

Step 16: Add application

If the app is already listed, then no further action is required for this stage and you can move to the next step.

However, if the applications are not configured, then configure them as follows:

    • Click “Configure new app”
    • Choose “OAuth App Name or Client ID”
    • Search for “328262629650-uuku5noiqri1a7buh0o46gk22v1apbvp.apps.googleusercontent.com”
    • Make the App “Trusted”.
    • Do the same process but for “328262629650-hihtd4jabrfsept43jmpolpqt5vb84r4.apps.googleusercontent.com”
Once you have completed these steps you can move to the next stage.