Google admin console
      Back to home
      1. Support Center
      2. Data Sources
      3. Google admin console

      Google admin console

      A simple step-by-step guide of how to set up permissions for your Google accounts.

      First, you need to visit https://console.cloud.google.com/ and login (Note: the account needs to have admin rights). 

      When your are done sennd us your JSON file created in this process so we can start with scanning and cleaning up your data! AND  the your D&M contact what  global admin users that was used to create the JSON

      We need BOTH the JSON and the the name of the globals admin email in order to proceed

       

      1. When you log in, the page should look like on the screenshot below. First step is to create a project and to do that, click on the button marked red on the same screenshot.


      Screenshot 2025-05-23 at 10.41.26


      2. New page should open where button “New project” needs to be visible and selected.


      Screenshot 2025-05-23 at 10.42.31

       

       

      3. To create a new project, all you need to do is to write a name of it (with no spaces) and click on Create button.


      4. After you created a project, your page should look like on the screenshot below. Just make sure that your new project is selected. It's easy to check it - the name of it should be visible on the button marked with red box on the same screenshot.



      5. Once you have your project created and opened, click on the menu on the left and select APIs  & Services > Library



      6. After Library is opened, type in "Gmail API" in the search bar and click on the first result:



       

       

      7. Product details should be opened and all you need to do there is click on Enable button:



      8. After you enable it, your page should look like the one on the screenshot below. From there, click on Credentials > Manage service accounts:


       

      9. When on service accounts page, click on Create service account (marked with red on screenshot below):



      10. The page like on screenshot below should be visible now. Enter your service account name (whatever you prefer), copy the email address that is been created because you’ll need it later, and click on Done.

       

       

      11. Now your service account is visible in the table. To proceed, click on the email (marked with red box on screenshot below):



      12. From there, open the tab Keys and go to Add key > Create new key:


      13. Default selection will be JSON file and it needs to stay like that. Click on Create. The JSON file will be downloaded and we are going to use it for App registration on our Toolbox. 

       

       

      14. After your key is created, you need to go to Details tab, scroll a bit down and copy the Client ID because you’ll need it later. After that, click on View Google Workspace Admin Console.



      15. In your Admin console go to the side menu and click on Security > Access and data control > API controls. Scroll a bit down until you see Manage domain wide delegation and click on it.





      16. Click on Add new:



      17. New pop up window should be opened. Here you can enter Client ID that you copied earlier and these four links that are actually permissions (you can enter all four links in the same text input but they need to be separated with a comma or you can enter them separately):


      https://www.googleapis.com/auth/gmail.readonly


      https://www.googleapis.com/auth/admin.directory.user.readonly


      https://www.googleapis.com/auth/gmail.labels


      https://www.googleapis.com/auth/gmail.modify



      After you entered all necessary information, click on Authorize:


      18. Your newly created API client should be visible in the table like on screenshot below:




      And that’s it! Whenever you are ready, send us your JSON file created in this process so we can start with scanning and cleaning up your data! AND the global admin email that was used to create the JSON