Fortinet black logo

Online Help

Home FortiCWP 21.2.0 Online Help

Configure OAuth Consent Screen

21.2.0
22.2.a
22.1.0
21.3.0
21.2.1
21.2.0
21.1.0
20.3.0
20.2.0
20.1.0
4.4.0
4.2.0
Copy Link
Copy Doc ID 623e79e5-e0e1-11eb-97f7-00505692583a:110131

Configure OAuth Consent Screen

After your Google service account is created and configured, the Google project needs to have OAuth Consent Screen created and configured to enable Google Workspace Domain-wide Delegation. If you have already configured OAuth Consent Screen, you can skip this section.

  1. On Google Cloud Platform console, with your project selected, search and click on OAuth Consent Screen.

  2. When you get started with OAuth Consent Screen configuration, choose Internal user type, then click CREATE.

  3. Step 1: OAuth Consent Screen:
    1. Name the app and choose the user that will manage the app within the Google Cloud Platform account.

    2. For the App domain, leave it as blank since it will only be for internal use.

    3. Click +ADD DOMAIN and enter the domain of this Google Cloud Platform account.

      4. For example, if the Google Cloud Platform account I am using is @forticasb.com, then the domain is forticasb.com.

    4. In Developer contact information, enter the e-mail of the person managing the app.
    5. Click SAVE AND CONTINUE.
  4. STEP 2: Scopes:
    1. Click ADD OR REMOVE SCOPES.

    2. Select all scopes of this App and click update to apply the settings.

    3. Review the scopes selected, then click SAVE AND CONTINUE.

    4. Review and confirm all settings are correct in the Summary page, then click BACK TO DASHBOARD, the OAuth consent screen should now be added to the project.

Now the service account is ready to enable Google Workspace Domain-wide Delegation.

Enable Google Workspace Domain-wide Delegation

  1. While the Google Cloud Platform project is selected, search and click on Service Accounts.

  2. Select the service account that will be used for FortiCWP authentication.

  3. Click on the service account. Then in Details, click SHOW DOMAIN-WIDE DELEGATION.
  4. Enable Google Workspace Domain-wide Delegation, and click SAVE.

Previous
Next

Configure OAuth Consent Screen

After your Google service account is created and configured, the Google project needs to have OAuth Consent Screen created and configured to enable Google Workspace Domain-wide Delegation. If you have already configured OAuth Consent Screen, you can skip this section.

  1. On Google Cloud Platform console, with your project selected, search and click on OAuth Consent Screen.

  2. When you get started with OAuth Consent Screen configuration, choose Internal user type, then click CREATE.

  3. Step 1: OAuth Consent Screen:
    1. Name the app and choose the user that will manage the app within the Google Cloud Platform account.

    2. For the App domain, leave it as blank since it will only be for internal use.

    3. Click +ADD DOMAIN and enter the domain of this Google Cloud Platform account.

      4. For example, if the Google Cloud Platform account I am using is @forticasb.com, then the domain is forticasb.com.

    4. In Developer contact information, enter the e-mail of the person managing the app.
    5. Click SAVE AND CONTINUE.
  4. STEP 2: Scopes:
    1. Click ADD OR REMOVE SCOPES.

    2. Select all scopes of this App and click update to apply the settings.

    3. Review the scopes selected, then click SAVE AND CONTINUE.

    4. Review and confirm all settings are correct in the Summary page, then click BACK TO DASHBOARD, the OAuth consent screen should now be added to the project.

Now the service account is ready to enable Google Workspace Domain-wide Delegation.

Enable Google Workspace Domain-wide Delegation

  1. While the Google Cloud Platform project is selected, search and click on Service Accounts.

  2. Select the service account that will be used for FortiCWP authentication.

  3. Click on the service account. Then in Details, click SHOW DOMAIN-WIDE DELEGATION.
  4. Enable Google Workspace Domain-wide Delegation, and click SAVE.

Previous
Next