You must authorize the Google Service Account you created in the Google API Console.
Note: You do this in the Google Admin Console.
Note: Disclaimer: The following instructions are correct at the time of writing. Google feature names and links may change over time.
- Go to https://admin.google.com and log in as an admin user.
- Click Security.
- Click API reference.
- Select Enable API access.
- Click Save.
- Click Show more > Advanced Settings.
- From the Authentication section, select Manage API client access.
- In the Authorized API clients > Client Name field, enter the Client ID for the Google Service Account created in How do I create a Google Service Account?
- Under One or More API Scopes, enter the following:
Tip: Copy and paste the whole line above without reformatting it.
- Click Authorize.
Google will display the scopes as:
Note: Do not add View groups on your domain, View organization units on your domain, or View users on your domain to the API scopes you are adding. As these are Google API scopes, the Google Admin console sorts them for you as in the image above. For more information about Google API scopes, go to https://developers.google.com/identity/protocols/googlescopes.
What's Left To Do?
- Create a Google Directory connection on your and synchronize it with your G Suite domain
- Enable the Connect for Chromebooks service on your Smoothwall
- How do I allow Google services through my Smoothwall?
- How do I distribute the HTTPS certificate to all my Chromebooks?
- How do I roll out proxy settings to all my Chromebooks?
- How do I deploy the Connect for Chromebooks Extension to all devices?
- How do I filter my Google devices when external to the network?
- Troubleshooting Connect for Chromebooks