Skip to content
vScope Support Page

Google Workspace

To connect Google Workspace to vScope, you’ll need a super admin account in Google Workspace. This guide walks you through setting up a Google Cloud project with the permissions needed to allow vScope to inventory your Google Workspace directory.

Once connected, vScope can inventory user accounts, groups, and devices from Google Workspace.

Set up a project and service account on Google Cloud Platform

  • Log in to Google Cloud Console with your super admin account. Select Resource and click New Project.

    Creating new project Google Workspace

  • Name your project (e.g., vScope), choose Organization and Location, then click Create.

    Adding Project Name Google Workspace

  • Go to API & Services > Credentials and Add a Service Account by clicking + Create Credentials > Service account.

    APIs and Services Credentials Google Workspace

  • Complete service account details by entering a name and clicking Create and continue.

    Google Workspace Creating Service Account

  • Grant permissions by selecting Owner as the role, then click Continue.

    Create and Grant Service Account in Google Workspace

  • Generate a key: Under the Keys tab, click Add Key > Create new key, select JSON format, and click Create. Save this file securely.

    Creating Key Json Google Workspace

  • Go back to Credentials in the Google Cloud Console and click Configure Consent Screen.

    Configuring Consent Screen Google Workspace

  • Select Internal and click Create. Enter your App name, User support email, and Developer contact information, then click Save and continue.

    Oauth consent screen in Google Workspace

Enable domain-wide delegation and add API scopes

  1. In your Google Admin console, go to API Controls (Show More > Security > Access and data control > API controls), then click Manage Domain-Wide Delegation.

    Admin Console for controll API in Google Workspace

  2. Click Add new and enter the client_id from the key file into “Client ID”. Add the following API scopes (separated by commas) under “One or More API Scopes” and click Authorize:

    https://www.googleapis.com/auth/admin.directory.user.readonly,
    https://www.googleapis.com/auth/admin.directory.group.readonly,
    https://www.googleapis.com/auth/admin.directory.device.chromeos.readonly,
    https://www.googleapis.com/auth/admin.directory.orgunit.readonly,
    https://www.googleapis.com/auth/admin.directory.user.security,
    https://www.googleapis.com/auth/admin.directory.device.mobile.readonly

    Google Workspace Admin Console screenshot highlighting API controls, showing access permissions and configurations for administrators.

Enable API permissions on Google Cloud

  1. Go to APIs & Services > Library in Google Cloud Console and search for Admin SDK.

    API Service Library Google Workspace

  2. Click on Admin SDK and enable it by clicking Enable.

    Enable Admin SDK API Google Workspace

Common Errors

ErrorWhat happened?Suggested action
Error getting access token for service account: 401 UnauthorizedGenerated when the API permissions are insufficient.Ensure that the correct API scopes are set up for vScope in Google Workplace.