Login
    Contents x
    Unleash Link Provisioning
    • 02 Sep 2024
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    Contents

    Unleash Link Provisioning

    • Updated on 02 Sep 2024
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    Article summary

    Purpose

    Setting up domain-wide delegation allows the Unleash service account to impersonate users from your organization. This will enable Unleash to auto-magically create Links to supported Google Workspace services (such as Google Drive, Gmail, and Google Calendar) as soon as a new user joins your Unleash workspace, instead of the user having to manually set up the Links and authorize Unleash’s access using OAuth. This automatic process is called Link Provisioning. Provisioned links act like regular, manually created links, and can be easily removed by the user if they wish.

    Prerequisites

    The person configuring the domain-wide delegation must be an administrator of the relevant Google Workspace organization.

    Setup

    1. Go to https://admin.google.com/ac/owl/domainwidedelegation and sign in if needed. If you are already signed in and have multiple organizations/domains, ensure you are signed into the correct account for the intended domain.

    2. At the top of the API Clients table, click Add new.

    1. In the dialog that opens, under Client ID, provide the value 101066985626398460460

    2. In the same dialog, under OAuth scopes, add the following scopes (comma-delimited list follows).

    openid
profile
email
<https://www.googleapis.com/auth/admin.directory.user.readonly>
<https://www.googleapis.com/auth/gmail.readonly>
<https://www.googleapis.com/auth/admin.directory.group.readonly>
<https://www.googleapis.com/auth/admin.directory.domain.readonly>
<https://www.googleapis.com/auth/calendar.readonly>
<https://www.googleapis.com/auth/directory.readonly>
<https://www.googleapis.com/auth/userinfo.profile>
<https://www.googleapis.com/auth/drive.photos.readonly>
<https://www.googleapis.com/auth/contacts.readonly>
<https://www.googleapis.com/auth/drive.readonly>
<https://www.googleapis.com/auth/drive.metadata.readonly>
<https://www.googleapis.com/auth/drive.activity.readonly>

    For your convenience, below is the same list of scopes formatted with commas

    openid,profile,email,<https://www.googleapis.com/auth/admin.directory.user.readonly,https://www.googleapis.com/auth/gmail.readonly,https://www.googleapis.com/auth/admin.directory.group.readonly,https://www.googleapis.com/auth/calendar.readonly,https://www.googleapis.com/auth/directory.readonly,https://www.googleapis.com/auth/userinfo.profile,https://www.googleapis.com/auth/drive.photos.readonly,https://www.googleapis.com/auth/contacts.readonly,https://www.googleapis.com/auth/drive.readonly,https://www.googleapis.com/auth/drive.metadata.readonly,https://www.googleapis.com/auth/drive.activity.readonly>

    1. Click the Authorize button

    2. Please notify your Unleash contact that this process has been completed so that we can validate that the setup is successful and configure your requested link provisioning automation.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout