The Google project needs to have OAuth Consent Screen created and configured to enable Google Workspace Domain-Wide Delegation when service account is created. Note: If you have already configured OAuth Consent Screen for the project, you can skip this section.
- Go to Google Cloud Platform and log in with your Google Workspace account.
- Click on the project drop-down menu > Select a project. Select an existing project you want to monitor or create a new project by selecting New Project.
- With your project selected, search and click on OAuth Consent Screen.
- When you get started with OAuth Consent Screen configuration, choose Internal user type, then click CREATE.
Step 1: OAuth Consent Screen:
- Name the app and choose the user that will manage the app within the Google Cloud Platform account.
- For the App domain, leave it as blank since it will only be for internal use.
- Click +ADD DOMAIN and enter the domain of this Google Cloud Platform account.
- In Developer contact information, enter the e-mail of the person managing the app.
- Click SAVE AND CONTINUE.
For example, if the Google Cloud Platform account I am using is @forticasb.com, then the domain is forticasb.com.
STEP 2: Scopes:
- Click ADD OR REMOVE SCOPES.
- Select all scopes of this App and click update to apply the settings.
- Review the scopes selected, then click SAVE AND CONTINUE.
- Review and confirm all settings are correct in the Summary page, then click BACK TO DASHBOARD, the OAuth consent screen should now be added to the project.
Now Google Workspace Domain-wide Delegation can be enabled in Configure Service Account.