Opal supports integrations with Google Groups and Google Workspace (and GCP referenced in detail here).
In order for Opal to manage these integrations on your behalf, you'll need to create a Google service account with proper permission scopes. Instructions for setting up this service account are below:
Setting up a Service Account for Opal
- Open the Service accounts page. If prompted, select a project.
- Click "+ Create Service Account" at the top of the page.
- Step 1: Enter a name and description for the service account. When done click Create.
- Step 2: Skip the Grant this service account access to project section by clicking Continue.
- Step 3: Skip the Grant users access to this service account by clicking Done.
- Click into your newly-created service account, and go to the Keys tab.
- Click the Add key drop-down menu, then select Create new key.
- Select JSON as the Key type and click Create. Your new public/private key pair is generated and downloaded to your machine. You can now click Close on the open dialog.
Configure Permission Scopes for the Service Account
- Click into your newly-created service account, and go to the Details tab.
- Click open the Advanced Settings section, look under Domain-wide Delegation, and follow the instructions for setting up domain-wide delegation for your service account. You can alternatively follow these instructions below:
- From your Google Workspace domain's Admin console, go to Main menu > Security > API controls.
- In the Domain wide delegation pane, select Manage Domain Wide Delegation.
- Click Add new.
- In the Client ID field, enter the client ID under your service account's Details tab > Unique ID.
- In the OAuth Scopes field, enter the desired scopes. Details for what scopes the Google Groups and Google Workspace integrations need are on their setup pages.
Updated 6 months ago