Signing up with Google Identity / Google Workspace
Create a new Service Account
Visit https://console.cloud.google.com/iam-admin/serviceaccounts and select or create a project.
Create Service Account
Fill in the required service account details and click
- Select the newly created service account, navigate to the
Keystab and click
Add Key, select
JSONand save the key.
Service Account Email,
Client IDand the saved key file at hand
Add newand fill out the
Client ID, add the following scopes, and click
Fill in the
Service Account Emailand the copy the contents of the downloaded JSON file into the
Service Account Config
Click the Signup button.
Follow the Google login process.
You are now signed in to the XplicitTrust admin portal:
Why is a Google IAM Service Account required?
To allow XplicitTrust to query the
isAdmin attribute and the group membership
of users as well as fetching existing user groups for the group import, a service
account has to be created that has the following scopes from the
Admin SDK API :
|Read group information.
|Required by the
Import feature, that allows to import groups from the Google Directory to be used in XplicitTrust
|Read user information.
|Required to read the users
isAdmin attribute, that indicates a user with administrator privileges.