Documentation Index

Fetch the complete documentation index at: https://documentation.sysaid.com/llms.txt

Use this file to discover all available pages before exploring further.

Google Email Integration with OAuth 2.0

  • Updated on Jun 9, 2026
  • Published on Jun 7, 2022
Prev Next

You can set up email integration with the OAuth 2.0 protocol with Microsoft 365 or Google. The instructions below can be applied to incoming or outgoing email integration or both.

Setting up outgoing/incoming email integration with the OAuth 2.0 protocol

Follow these steps to set up the email integration:

Step #1: Setting the Protocol in SysAid

  1. In SysAid, go to Settings > Setup > Email Integration List.

  2. Click +New.

  3. Go to the Outgoing Email tab.

  4. From the Protocol drop-down, select OAuth 2.0.

  5. Select Google.

Step #2: Creating a project in Google

  1. Navigate to the Google Cloud Platform Console. If you haven't used this Google Cloud Platform Console yet, agree to their terms and conditions.

  2. Click Select a project.

  3. Click New Project at the very top left of the screen, next to the Google Cloud logo.

  4. Enter a Project name, select an Organization and Location, and click Create.

Step #3: Adding Gmail API and Google Calendar API scopes

  1. From the navigation menu, select APIs & Services > Enabled APIs & Services.

  2. Click the + ENABLE APIS AND SERVICES button at the top of the page.

  3. Search for Gmail API and select it from the search results.

  4. Click Enable.

  5. Go back to the API Library search page.

  6. Search for Google Calendar API and select it from the search results. Make sure you select the standard API published by Google, not enterprise connectors or migration tools.

  7. Click Enable.

Step #4: Creating a service account

  1. In the Google Cloud Platform Console, go to  IAM & Admin > Credentials.

  2. Click Create Credentials > Service Account.

  3. Enter any name for your service account.

  4. Click Create.

Step #5: Setting owner access

  1. In the 'Grant This Service Account Access to Project' step, click within the Select a role field. 

  2. In the window that appears, select Project > Owner.

  3. Click Continue, then click Done.

  4. You will be prompted to configure the OAuth consent screen. Click on Configure consent screen.

  5. Choose Internal as the User Type and click Create.

  6. On the next screen, fill in the App name, User support email, and Developer contact information fields.

  7. Click Save and Continue.

  8. Make sure to agree to the Google API Services: User Data Policy and click Continue.

  9. Click Create.

  10. Click Create OAuth client.

  11. Set the Application type to Web application.

  12. Enter a name for the application, such as “SysAid Email Integration”, and click Create.

  13. Click Download JSON, then click OK.

  14. Navigate to the Scopes tab.

  15. Click Add or remove scopes. A side drawer will open.

  16. Use the filter table to find the Gmail API, check the box next to https://mail.google.com/ (which grants full read/write/send/delete access), and click Update. Repeat this for the Google Calendar API scope https://www.googleapis.com/auth/calendar).

    Please note:

    If the option you are searching for doesn't appear in the drop-down menu, you may need to enable the API on your account: Click the link for the Google API Library, search for Gmail API, and follow the instructions for enabling the API.

  17. Click Save.

  18. From the main navigation menu, select IAM and Admin > Service Accounts.

  19. Once you click on your newly created Service Account from the list, look at the tabs at the top or scroll down to the section explicitly called Domain-wide Delegation.

  20. Click Manage Domain-Wide Delegation, check the box that says Enable Google Workspace Domain-wide Delegation, and save it.

  21. Click on your Service Account, go to the Keys tab at the top, click Add Key > Create new key, select JSON, and download it.

Step #6: Configuring the Google Admin console

  1. Navigate to the Google Admin console.

  2. Go to Security > Access and data control > API controls. Right on that main page, you will see a card overview for Google Services.

  3. Click the text link there that says Manage Google Services. Find Gmail and Calendar in the list, change their Access status to Unrestricted, and save.

  4. On the API Controls page, look for the App access control section and click Manage Third-Party App Access.

  5. Click Add app > OAuth App Name and Client ID, paste your JSON's client_id

  6. Set it to Trusted.

  7. Go back to the main Security > Access and data control > API controls page. Scroll all the way to the bottom. You will see a dedicated section called Domain-wide delegation.

  8. Click Manage Domain Wide Delegation.

  9. Click Add new at the top of the table. Enter your Client ID, and in the OAuth Scopes field, paste: https://mail.google.com/, https://www.googleapis.com/auth/calendar (separated by a comma).

  10. Click Authorize.

Step #7: Entering the generated values in SysAid:

  1. Open the JSON file you generated.

  2. Copy the value of the client_id parameter and paste it into the Service Account field in SysAid.

  3. Copy the value of the private_key parameter and paste it into the Private Key field in SysAid.

Follow the instructions in the related content below to fill out the rest of the email form. Be sure that the inbox that you set up for incoming email integration is dedicated specifically for incoming email integration with SysAid and not used for any other purposes.

Email processing behavior

When Google Email Integration with OAuth 2.0 is enabled, SysAid continuously monitors the integrated Gmail mailbox for new incoming emails.

All emails sent to the integrated email address are automatically processed by SysAid and used to create service records. Once an email is successfully processed, it is removed from the Inbox to prevent duplicate service record creation.

In Gmail, emails removed by automated integrations are moved to the Trash folder. This behavior is part of Gmail’s standard design for OAuth 2.0–based access and automated message handling.

Emails in the Trash folder are retained for 30 days, after which they are permanently deleted by Google.

Viewing processed emails

To locate emails that were processed and removed from the Inbox, open the Trash folder in Gmail. All processed emails remain available there until the 30-day retention period expires.

Keeping a copy of incoming emails (optional)

If you want to retain a visible copy of all incoming emails, you can configure SysAid to save copies to a dedicated folder.

To do this, go to Settings > Setup > Email > Incoming Email and fill in the Send a copy of the incoming emails to field (available for Enterprise editions only). When configured, SysAid will store a copy of each incoming email in the selected folder instead of relying on the Trash.

Alternatively, Gmail filters and labels can be used to apply a label to incoming emails before they are processed by SysAid.

To learn more, see Incoming Email Integration Form.

Related content
Email list
Required network access
Email form
Outgoing email
Incoming email
Microsoft 365 Email Integration with OAuth 2.0
Email rules

Product
Solutions
Top Features
Company
Connect With Us
Copyright © SysAid Ltd. All Rights Reserved