Google OAuth Authentication Client Settings

The permanent link has been copied.

Article Number:01061

This page explains how to configure a Google OAuth authentication client.
To configure the OAuth authentication client, you need to log in to Google Cloud Platform using an account with Google Workspace administrative permission.

The steps described here are those confirmed as of January 2021. The content of this page is subject to change at the discretion of the service providers. For details, refer to Disclaimer.

Log in to Google Cloud Platform.
Click SELECT PROJECT in the header.
In the "Select a project" dialog, click NEW PROJECT.
On the "New Project" screen, configure project information and click CREATE.
Display the project you created in step 4.
Under APIs & Services, click OAuth consent screen.
On the "OAuth consent screen" screen, select a User Type and click CREATE.
On the "Edit app registration" screen, configure the information displayed on the OAuth consent screen.
The "App name", the "User support email", and the "Email addresses" fields are mandatory. Other fields are optional.
Scroll down to "Authorized domains" on the screen, and click ADD DOMAIN to enter the Garoon domain.
Confirm your settings and click SAVE AND CONTINUE.
Click ADD OR REMOVE SCOPES.
On the "Update selected scopes" screen, select "Gmail API (https://mail.google.com/)" and click UPDATE.
Note
If Gmail API is not displayed, enable Gmail API using the following steps.
1. Click Google API Library.
2. On the "API Library" screen, type "Gmail API" in the search box and click "Gmail API" displayed as a search result.
3. Click ENABLE.
Confirm your settings and click SAVE AND CONTINUE.
Click Credentials under APIs & Services.
On the "Credentials" screen, click OAuth client ID under CREATE CREDENTIALS.
On the "Create OAuth client ID" screen, configure an application type in "Web application" and enter a name in "Name".
Scroll down to "Authorized redirect URIs" on the screen, and click ADD URI to enter your URI in "URIs".
This URI is for users who move to the Garoon page after OAuth authorization.
The URI to configure depends on the environment where you use Garoon.
This section explains the scenario where "cbgrn" is set as the installation identifier in the single-machine deployment and "grn" is set as the Alias value in the DB-distributed deployment.
- Windows:
  https://(domain name)/scripts/cbgrn/grn.exe/oauth2/callback?
- Linux (Single-machine deployment):
  https://(domain name)/cgi-bin/cbgrn/grn.cgi/oauth2/callback?
- Linux (DB-distributed deployment):
  https://(domain name)/grn/oauth2/callback.csp?
When using Remote Service:
Also, set the redirection URI for Remote Service.
- Windows:
  https://remote2.cybozu.co.jp/scripts/cbgrn/grn.exe/oauth2/callback?
- Linux (Single-machine deployment):
  https://remote2.cybozu.co.jp/cgi-bin/cbgrn/grn.cgi/oauth2/callback?
- Linux (DB-distributed deployment):
  https://remote2.cybozu.co.jp/grn/oauth2/callback.csp?
Confirm your settings and click CREATE.
An "OAuth client created" dialog appears and "Your Client ID" and "Your Client Secret" are issued.
"Your Client ID" and "Your Client Secret" will be required for Configuring OAuth Clients in Garoon. Copy them to a text editor such as Notepad.