Google OAuth Authentication Client Settings
This page explains how to configure a Google OAuth authentication client.
To configure the OAuth authentication client, you need to log in to Google Cloud Platform using an account with Google Workspace administrative permission.
The steps described here are those confirmed as of October 2023. The content of this page is subject to change at the discretion of the service providers. For details, refer to Disclaimer.
-
Log in to Google Cloud Platform.
-
Click SELECT PROJECT in the header.
-
In the "Select a project" dialog, click NEW PROJECT.
-
On the "New Project" screen, configure project information and click CREATE.
-
Display the project you created in step 4.
-
Under APIs & Services, click OAuth consent screen.
-
On the "OAuth consent screen" screen, select a User Type and click CREATE.
-
On the "Edit app registration" screen, configure the information displayed on the OAuth consent screen.
The "App name", the "User support email", and the "Email addresses" fields are mandatory. Other fields are optional. -
Scroll down to "Authorized domains" on the screen, and click ADD DOMAIN to enter the Garoon domain.
-
Confirm your settings and click SAVE AND CONTINUE.
-
Click ADD OR REMOVE SCOPES.
-
On the "Update selected scopes" screen, select "Gmail API (https://mail.google.com/)" and click UPDATE.
-
Confirm your settings and click SAVE AND CONTINUE.
-
Click Credentials under APIs & Services.
-
On the "Credentials" screen, click OAuth client ID under CREATE CREDENTIALS.
-
On the "Create OAuth client ID" screen, configure an application type in "Web application" and enter a name in "Name".
-
Scroll down to "Authorized redirect URIs" on the screen, and click ADD URI to enter your URI in "URIs".
This URI is for users who move to the Garoon page after OAuth authorization.
The URI to configure depends on the environment where you use Garoon.
This section explains the scenario where "cbgrn" is set as the installation identifier in the single-machine deployment and "grn" is set as the Alias value in the DB-distributed deployment.- Windows:
https://(domain name)/scripts/cbgrn/grn.exe/oauth2/callback? - Linux (Single-machine deployment):
https://(domain name)/cgi-bin/cbgrn/grn.cgi/oauth2/callback? - Linux (DB-distributed deployment):
https://(domain name)/grn/oauth2/callback.csp?
When using Remote Service:
Also, set the redirection URI for Remote Service.- Windows:
https://remote2.cybozu.co.jp/scripts/cbgrn/grn.exe/oauth2/callback? - Linux (Single-machine deployment):
https://remote2.cybozu.co.jp/cgi-bin/cbgrn/grn.cgi/oauth2/callback? - Linux (DB-distributed deployment):
https://remote2.cybozu.co.jp/grn/oauth2/callback.csp?
- Windows:
-
Confirm your settings and click CREATE.
An "OAuth client created" dialog appears and "Your Client ID" and "Your Client Secret" are issued.
Copy the "Your Client ID" and "Your Client Secret" to a text editor such as Notepad. This ID is necessary to configure an OAuth client in Garoon.
Now you have completed the settings of the Google OAuth authentication client.
Set the copied "Your Client ID" and "Your Client Secret" to Garoon. For details, refer to the following pages.
- Garoon 5: OAuth Client Settings
- Garoon 6: OAuth Client Settings