Google Configuration
Prerequisite: Gespage must be version 9.3.0 or higher.
You will find below the steps to follow to synchronise your users from a Google directory.
To enable the possibility to scan to Google Drive, you must enable the Google Drive API, create a service account to use this API and a define authorization for this service account.
Then you must synchronize your users in Gespage.
Enable Google API:
Accede to you google console under the following URL: https://console.cloud.google.com
Accede to the API menu by clicking on ‘API and services’ in the quick access menu:
Go under Library, and do a search on Google Drive API:
Then, activate the API:
Service account creation:
Go back to the home menu from your Google console, and select ‘IAM and administration’:
Then, select ‘Service account’:
And choose, ‘create a service account’:
After the service account creation, you must add a key to this account.
The key must be create with JSON format.
Once the key is created, download it.
Adding autorisation:
Now, you need to go on the Google Admin console to add authorization on the service account.
You can perform this action, under the ‘API controls’ tabs.
Click on Add:
Set your ID, and add the following authorization:
To synchronise the users:
- https://www.googleapis.com/auth/admin.directory.user.readonly
- https://www.googleapis.com/auth/admin.directory.group.readonly
- https://www.googleapis.com/auth/admin.directory.group.member.readonly
To allow the Google Drive management:
- https://www.googleapis.com/auth/drive
- https://www.googleapis.com/auth/drive.file
- https://www.googleapis.com/auth/drive.metadata.readonly
Allow the user's authentication:
To allow users authentication from you client application, you need to add a customer and allow him the needed rights.
Go in the Applications menu and LDAP:
and add a new customer:
Add a name and click on continue:
We're asked to set the permissions needed for this customer on the domain:
As soon as the customer is created, a certificate appears for this customer that you can downloaded.
Download it, you will need to import it in Gespage during the synchronization configuration:
By default, the customer is disable.
You must click on to enable it.
Click on Service status:
And on enable for all to enable the customer:
Gespage user's synchronization
on Gespage, go under Directory Synchronization menu:
Choose Google Cloud Directory.
Before launch the synchronization, you must set the email for the service account you created, and import the JSON file previously created with the access right for the API regarding the users and the Google Drive access and also the customer certificate: