SCRT-HQ / PSGSuite

PowerShell module for Google / G Suite API calls wrapped in handy functions. Authentication is established using a service account via P12 key to negate the consent popup and allow for greater hands-off automation capabilities
https://psgsuite.io/
Apache License 2.0

Initial Setup Instructions Need Updating (Here's what worked for me) #387

Open adykshorn opened 6 months ago

adykshorn commented 6 months ago

The Initial Setup instructions in the documentation are WAY off. Apparently, Google has changed their interfaces quite a bit since it was written. I was able to get the module to work (and it seems to work great so far! Thanks to all those involved in building this!). I kept some notes as I was figuring out setting things up; hopefully this is helpful to someone else. Disclaimer: These steps worked for me in Dec 2023. Things will likely change again in the future. I also don't promise this is the best way to do this, I really don't know what I am doing and this might be super insecure or something. You have been warned.

  1. Go to this link -- Make sure you're signed into the correct Google Workspace account. If the account you need is not the default in your browser session, this will probably be easier if you open an incognito tab and sign into the account there.
  2. Click the drop-down to the right of the "Google Cloud" logo (it will either say "Select a project" or, if you have other projects already, the name of one of them will be in the drop-down)
  3. In the box that comes up, click "New Project"
  4. Give the new project a name. I went with "PSGSuite" and I left the location at "No organization"
  5. Back at the "Enable access to APIs" page, click "Next" then "Enable" on the next screen.
  6. At the top right of the page click the 3 dot menu button and select "Project Settings" then go to "Service Accounts" -> "Create Service Account"
  7. Name your service account (I did PSGSuite) and give it a description if you like. Save the service account email address. You'll need this later. Click "Create and Continue"
  8. Assign the service account the "Owner" role
  9. On the grant users access to this account section, I left this blank.
  10. When you click "Done" you get the list of service accounts. At the end of the row that has the service account you just made is another 3 dot menu button. Click it and select "Manage Keys"
  11. Add Key -> Create new key
  12. Select "P12" and then Create (the key will automatically download the key file)
  13. Back on the list of service accounts, select the 3 dot menu button on the row of your service account and select "Manage Details"
  14. Copy and save the Unique ID from this page. You will need it later.
  15. Go to your Google Admin console then Security -> Access and Data Control -> API Controls then select Manage Domain Wide Delegation.
  16. In the Client ID Field enter the Unique ID you saved from above.
  17. In the OAuth field, enter this list: https://apps-apis.google.com/a/feeds/emailsettings/2.0/, https://mail.google.com/, https://sites.google.com/feeds, https://www.google.com/m8/feeds/contacts, https://www.googleapis.com/auth/activity, https://www.googleapis.com/auth/admin.datatransfer, https://www.googleapis.com/auth/admin.directory.customer, https://www.googleapis.com/auth/admin.directory.device.chromeos, https://www.googleapis.com/auth/admin.directory.device.mobile, https://www.googleapis.com/auth/admin.directory.domain, https://www.googleapis.com/auth/admin.directory.group, https://www.googleapis.com/auth/admin.directory.orgunit, https://www.googleapis.com/auth/admin.directory.resource.calendar, https://www.googleapis.com/auth/admin.directory.rolemanagement, https://www.googleapis.com/auth/admin.directory.rolemanagement.readonly, https://www.googleapis.com/auth/admin.directory.user, https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/admin.directory.user.security, https://www.googleapis.com/auth/admin.directory.userschema, https://www.googleapis.com/auth/admin.reports.audit.readonly, https://www.googleapis.com/auth/admin.reports.usage.readonly, https://www.googleapis.com/auth/apps.groups.settings, https://www.googleapis.com/auth/apps.licensing, https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/chat.bot, https://www.googleapis.com/auth/classroom.announcements, https://www.googleapis.com/auth/classroom.courses, https://www.googleapis.com/auth/classroom.coursework.me, https://www.googleapis.com/auth/classroom.coursework.students, https://www.googleapis.com/auth/classroom.guardianlinks.students, https://www.googleapis.com/auth/classroom.profile.emails, https://www.googleapis.com/auth/classroom.profile.photos, https://www.googleapis.com/auth/classroom.push-notifications, https://www.googleapis.com/auth/classroom.rosters, https://www.googleapis.com/auth/classroom.rosters.readonly, https://www.googleapis.com/auth/drive, https://www.googleapis.com/auth/gmail.settings.basic, https://www.googleapis.com/auth/gmail.settings.sharing, https://www.googleapis.com/auth/plus.login, https://www.googleapis.com/auth/plus.me, https://www.googleapis.com/auth/tasks, https://www.googleapis.com/auth/tasks.readonly, https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile
  18. You can find the Customer ID that you need here: https://admin.google.com/ac/accountsettings/profile
  19. Now you need to set up the PS Module. Run each of these lines in PowerShell:

```powershell
$P12KeyPath = "C:\PathToYourKey\psgsuite-9999999-xxxxxxxxxxxxxxx.p12"  # Replace with correct path
$AppEmail = "psgsuite@psgsuite-9999999.iam.gserviceaccount.com"        # Replace with your service account email (saved in step 7)
$AdminEmail = "user@domain.com"                                        # Replace with your google admin email account
$CustomerID = "XXXXXXXXXXX"                                            # Replace with your customer ID
$Domain = "domain.com"                                                 # Replace with your Google Workspace domain
$Preference = "Domain"
$ServiceAccountClientID = "99999999999999999999"                       # Replace with your Unique ID from step 14 above
```

Now that all these variables are set, run this last command to complete the setup:

```powershell
Set-PSGSuiteConfig -ConfigName PSGSuite -SetAsDefaultConfig -P12KeyPath $P12KeyPath -AppEmail $AppEmail -AdminEmail $AdminEmail -CustomerID $CustomerID -Domain $Domain -Preference $Preference -ServiceAccountClientID $ServiceAccountClientID
```

Thank you, Al Dykshorn ajdtech.com
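
Step 17 delegates a long list of scopes domain-wide to the service account. The following is an added example, not part of the original comment or the PSGSuite project: it compares a pasted scope list against the scopes one automation actually needs and prints the shorter value to enter in the OAuth field. The function name `Get-ScopeReview` and the `$Needed` set are hypothetical, and `$Pasted` is a constructed excerpt of the step 17 list.

```powershell
# Added example. $Pasted is a constructed excerpt of the step 17 scope list;
# $Needed is a hypothetical set for a read-only directory/audit reporting job.
$Pasted = @'
https://mail.google.com/, https://www.googleapis.com/auth/drive,
https://www.googleapis.com/auth/admin.directory.group,
https://www.googleapis.com/auth/admin.directory.orgunit,
https://www.googleapis.com/auth/admin.directory.user,
https://www.googleapis.com/auth/admin.directory.user.readonly,
https://www.googleapis.com/auth/admin.directory.rolemanagement,
https://www.googleapis.com/auth/admin.reports.audit.readonly
'@
$Needed = @(
    'https://www.googleapis.com/auth/admin.directory.group'
    'https://www.googleapis.com/auth/admin.directory.orgunit.readonly'
    'https://www.googleapis.com/auth/admin.directory.user.readonly'
    'https://www.googleapis.com/auth/admin.reports.audit.readonly'
)

function Get-ScopeReview {
    param(
        [Parameter(Mandatory)][string]$GrantedList,  # comma-separated, as typed into the OAuth field
        [Parameter(Mandatory)][string[]]$Needed      # scopes the automation really calls
    )
    # Split the pasted value, strip whitespace/newlines, drop empties and duplicates.
    $granted = @($GrantedList -split ',' | ForEach-Object { $_.Trim() } |
        Where-Object { $_ } | Sort-Object -Unique)

    foreach ($scope in $granted) {
        $action = if ($Needed -contains $scope) {
            'Keep'
        } elseif ($Needed -contains "${scope}.readonly") {
            'Drop: read-only variant covers the need'
        } else {
            'Drop: not used by this automation'
        }
        [pscustomobject]@{ Scope = $scope; Action = $action }
    }
    # Needed scopes that were never delegated would make the API calls fail later.
    foreach ($scope in @($Needed | Where-Object { $granted -notcontains $_ })) {
        [pscustomobject]@{ Scope = $scope; Action = 'Add: needed but not delegated' }
    }
}

$review = Get-ScopeReview -GrantedList $Pasted -Needed $Needed
$review | Sort-Object Action, Scope | Format-Table -AutoSize

# Value for the OAuth scopes field in step 17 (kept and added scopes only).
($review | Where-Object { $_.Action -notlike 'Drop*' }).Scope -join ', '
```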

DamagedDingo commented 5 months ago

Does anyone know how to do this without a service account? There is no "Other" type, and the list has two items that fail.