Domain-Wide Delegation of Authority for service account
    • PDF

    Domain-Wide Delegation of Authority for service account

    • PDF

    Article summary

    1. Login to Google Cloud Directory Sync (GCDS).
    2. Click on Security -> Access and data control -> API Controls from the navigation menu.
    3. Click on MANAGE DOMAIN WIDE DELEGATION in the Domain wide delegation pane.
    4. Click Add new.
    5. In the Client ID field, enter the Client ID obtained from the service account creation steps. For more details, see Creating a Service Account.
    6. In the OAuth scopes (comma-delimited)enter a comma separated list of the following:
      • https://www.googleapis.com/auth/admin.directory.user
      • https://www.googleapis.com/auth/cloud-platform
      • https://www.googleapis.com/auth/admin.directory.group
      • https://www.googleapis.com/auth/admin.directory.group.member
      • https://www.googleapis.com/auth/admin.directory.rolemanagement
      • https://www.googleapis.com/auth/admin.directory.customer.readonly
      • https://www.googleapis.com/auth/admin.directory.domain.readonly
    7. Click AUTHORIZE.

    For more details, see Delegate domain-wide authority to your service account.


    Was this article helpful?

    What's Next