Google Email Integration with OAuth 2.0

You can set up email integration with the OAuth 2.0 protocol with Microsoft 365 or Google. The instructions below can be applied to incoming or outcoming email integration or both.

Setting up outgoing/incoming email integration with the OAuth 2.0 protocol

Follow these steps to set up the email integration:

Step #1: Setting the Protocol in SysAid

1. In SysAid, go to Settings > Integrations > Email Integration List.

2. Click +New.

3. Go to the Outgoing Email tab.

4. From the Protocol drop-down, select OAuth 2.0.

5. Select Google.

Step #2: Creating a project in Google

1. Navigate to the Google Cloud Platform Console. If you haven't used this Google Cloud Platform Console yet, agree to their terms and conditions.

2. Click Select a project.

3. Click New Project.

4. Enter a Project name, select an Organization and Location, and click Create.

Step #3: Adding Gmail API and Google Calendar API scopes

1. From the navigation menu, select APIs & Services > Library.
   

2. Search for "Gmail API" and select it from the search results.

3. Click Enable.

4. Go back to the API/Service Details page.
   

5. Search for "Google Calendar API" and select it from the search results.

6. Click Enable.

Step #4: Creating a service account

1. In the Google Cloud Platform Console, go to  Credentials.
   

2. Click Create Credentials.

3. Select Service Account.

4. Enter any name for your service account.

5. Click Create.

Step #5: Setting owner access

1. In the 'Grant This Service Account Access to Project' step, click within the Select a role field. 

2. In the window that appears, select Project > Owner.
    

3. Click Continue.

4. Click Done. You will be prompted to configure the OAuth consent screen with information about your application. Click on Configure consent screen.

5. Click Get started.

6. Fill in the App name and User support email (this email address does not have to be the same one as the integrated email) fields, and click Next.

7. Select Internal and click Next.

8. Fill in the Email address field (this email address does not have to be the same one as the integrated email) and click Next.

9. Make sure to agree to the Google API Services: User Data Policy and click Continue.

10. Click Create.

11. Click Create OAuth client.

12. Set the Application type to Web application.
    

13. Enter a name for the application, such as “SysAid Email Integration”, and click Create.

14. Click Download JSON, then click OK.
    

15. Navigate to Data access.

16. Click Add or remove scopes.

17. Enter https://mail.google.com/.

18. Select the option that appears in the drop-down and click on Update.

    Please note:

    If the option you are searching for doesn't appear in the drop-down menu, you may need to enable the API on your account: Click the link for the Google API Library, search for Gmail API, and follow the instructions for enabling the API.
    

19. Repeat the Add Scope process (step #16) and search for https://www.googleapis.com/auth/calendar to add the Google Calendar API.

20. Click Save.

21. From the main navigation menu, select IAM and Admin > Service Accounts.
    

22. Click your new service account and select the check box for Enable G-Suite Domain-wide Delegation.

23. Click Add Key.

24. Click Create new key.
     

25. Select JSON.

26. Click Create.

27. Save the downloaded JSON file to a location on your PC where you can access it later.

28. Click Save

Step #6: Configuring the Google Admin console

1. Navigate to the Google Admin console.

2. Click Security.

3. Navigate to Access and data control > API Controls.

4. Click  Manage Google Services.

5. Make sure Gmail and Calendar are marked as Unrestricted.
    

6. Return to the Advanced Settings screen and select Manage Third-Party App Access.
    

7. Click Configure new app.

8. Select OAuth App Name Or Client ID.

9. In the search box, enter the value of the client_id parameter from your JSON file.

10. Select the application you created.
     

11. Select both Client ID check boxes and click Continue.
     

12. Under App Access, select Trusted Can Access All Google Services.

13. Click Configure.

14. Return to the Advanced Settings screen and select Manage Domain Wide Delegation.
     

15. Click Add New.

16. In the Client ID field, enter the value of the client_id parameter from your JSON file.

17. In the OAuth scopes field, enter https://mail.google.com/ and https://www.googleapis.com/auth/calendar.

18. Click Authorize.

Step #7: Entering the generated values in SysAid:

1. Open the JSON file you generated.

2. Copy the value of the client_id parameter and paste it into the Service Account field in SysAid.

3. Copy the value of the private_key parameter and paste it into the Private Key field in SysAid.

Follow the instructions in the related content below to fill out the rest of the email form. Be sure that the inbox that you set up for incoming email integration is dedicated specifically for incoming email integration with SysAid and not used for any other purposes.

Related content
Email list
Required network access
Email form
Outgoing email
Incoming email
Microsoft 365 Email Integration with OAuth 2.0
Email rules