Before configuring G-Suite in data processor, user would need to enable this feature in the google admin dashboard.
1. Enabling the G-Suite Admin SDK API.
a. Goto console.cloud.google.com
b. Choose "APIs & Services" - "Library"
d. Search for "Admin SDK" and press "Enable"
2. Creating a service account
a. Click "IAM & Admin" > "Service accounts" b. Click Create Service Account.
i. Enter a name for the service account name field ii. Enter a description for the service account
c. Click Create
d. Click Continue > Create Key
i. The key type need to be set to JSON and click Create. You will see a message that the service account JSON file downloaded to your computer
e. Click Close > Done
3. Adding service account to G Suite
a. Go to G Suite Admin Console (admin.google.com)
b. Click Security, Advanced settings
c. Click Manage API client access from the authentication section d. Open the JSON key file downloaded from item 2
e. Enter the "Client ID" retrieved from JSON file to the "Client Name" field.
f. In the One or More API Scopes field, enter the list of scopes to be granted. The following is the sample to access the report API:
g. Click "Authorize"
BDS UI configuration
1. Adding new G-Suite connection under UI Collect-Connectors
a. Admin Email field need to be gsuite admin email account
b. API Scopes are the authorized scopes specified in item 3(f). This will be the same string that you enter in item 3(f). If you have multiple scopes, you can separate them by comma as what is specified in google admin console.
c. Service Account Key File is the file downloaded in item 2(d).
d. Please ensure to select the tenant while you perform the integration if you are admin of the tenant.
2. You can click G-Suite Test button to test gsuite connectivity
Please note that the most recent G-Suite data may take up to 2 hours to show up due to google does not seem to process those data in real time.
Please let SOC know if you have questions in the process of integration. You can always email firstname.lastname@example.org to have the integration done if you can retrieve the credentials like admin email ID, JSON file and API Scopes to be added into the BDS integratio