This section describes how to create a new service account and configure OAuth authentication with the Google Directory.
NOTE: This procedure is subject to change. Micro Focus recommends that you refer to the documentation for Google Directory.
To configure authentication (with a service account)
Select Key type JSON, and then Create.
A JSON file is saved to your machine. Store the JSON file to be used later.
Ensure that an entry is present for the Client ID (from step 13, above), and that the following scopes are included:
When adding scopes, copy any existing scopes, then add the new scopes (comma separated, unquoted), and click Authorize.
To obtain OAuth tokens
oauth_tool.cfg
.Configure the following section, by replacing <client_email>
with the e-mail address of the service account and <private_key>
with the private key. The private key is available from the JSON file that was saved to your machine in the previous procedure.
[GoogleDirectory] OAuthVersion=2.0 SiteName=GoogleDirectory AuthorizationType=GoogleServiceAccountAuthorization CustomJson={"GoogleServiceAccount":"<client_email>","GoogleServiceAccountPrivateKey":"<private_key>"}
From the command line, run the following command:
oauth_tool oauth_tool.cfg GoogleDirectory
The OAuth configuration tool generates the files oauth2_sites.bin
and oauth.cfg
. The file oauth.cfg
contains the configuration parameters that are required by OmniGroupServer to authenticate with the directory. For information about how to configure OmniGroupServer, see Configure the OmniGroupServer Repository.
|