Additional Service Account - Docs

Steps to set up Google Docs Service Account with Xkit

Google's Guide: https://developers.google.com/identity/protocols/oauth2/service-account
Authorization protocol: OAuth 2.0

🚧

Important

This guide walks you through how to set up Google Docs if you have already connected with another Google Service Account.

If you have not connected with another Google Service Account before, please see: Google Service Account - Docs.

📘

User Impersonation tokens

Google Service Accounts allow you to retrieve access tokens for any user in a G Suite / Google Workspace account with user impersonation. To get tokens for a specific user, use the provider_user_id query parameter in the Get User Connection API call. See Retrieve user tokens for more information.

1. Add the Google Docs Service Account connector in the Xkit platform.

  • In the Xkit platform, click "New Connector" in the sidebar.
  • Click "Google Docs Service Account".

2. Enable the Google Docs API.

  • In the Google Cloud Platform, use the sidebar to go to the "API & Services" dashboard.
  • Click "+ ENABLE APIS AND SERVICES".
  • Search "Google Docs" and click on it.
  • Click "ENABLE".

3. Update Catalog and Connector Settings in Xkit.

  • Return to the Xkit Google Docs Service Account connector page.
  • Adjust Catalog Settings fields to customize how the connector will appear to users and click "Save".
  • Select the requested Scopes and click "Save".

You've now successfully connected Google Docs Service Account with Xkit!

Retrieve user tokens

You'll note that the https://www.googleapis.com/auth/admin.directory.user.readonly scope is required in order to use Google Service Accounts.

Supplying this scope gives you read-only access to the Directory API of the Admin SDK. In order to retrieve tokens for each individual user in a Google Workspace / G Suite organization, you need to:

  1. Enable the Admin SDK for your application in the developer console.
  2. Call the List Users endpoint to get a list of all users in an organization.
  3. Use each user's email address in the provider_user_id query parameter in the Get User Connection API to retrieve an access token for each user.

Each individual access token will enable you to impersonate the specific user.
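
Steps 2 and 3 above as an added Python example (not Xkit's or Google's code): it pages through List Users responses and builds one Get User Connection request per user with a correctly encoded provider_user_id. Assumptions: the Xkit URL is a labelled placeholder because this page does not give it, the response pages are constructed samples, fetch_sample_page stands in for the authenticated Directory API call, and skipping suspended accounts is this example's choice.

```python
from urllib.parse import urlencode

# Admin SDK Directory API users.list endpoint; for reference, never called here.
DIRECTORY_USERS_LIST = "https://admin.googleapis.com/admin/directory/v1/users"

# Placeholder: this page does not state the Get User Connection URL.
XKIT_GET_USER_CONNECTION = "https://XKIT-API-PLACEHOLDER.example/get-user-connection"

# Constructed sample pages in the shape of users.list responses.
SAMPLE_PAGES = {
    None: {"users": [{"primaryEmail": "ana@example.com", "suspended": False},
                     {"primaryEmail": "old+temp@example.com", "suspended": True}],
           "nextPageToken": "p2"},
    "p2": {"users": [{"primaryEmail": "li+docs@example.com", "suspended": False}]},
}


def fetch_sample_page(page_token):
    """Stand-in for an authenticated GET on DIRECTORY_USERS_LIST (assumption)."""
    return SAMPLE_PAGES[page_token]


def active_user_emails(fetch_page):
    """Walk every page of List Users and yield non-suspended primary emails."""
    token = None
    while True:
        page = fetch_page(token)
        for user in page.get("users", []):  # "users" is absent on an empty page
            if not user.get("suspended", False):
                yield user["primaryEmail"]
        token = page.get("nextPageToken")
        if not token:  # no token means this was the last page
            return


def connection_url(email, base=XKIT_GET_USER_CONNECTION):
    """Build the Get User Connection request URL for one user."""
    # urlencode escapes '+' and '@'; an unescaped '+' would be read as a space.
    return base + "?" + urlencode({"provider_user_id": email})


def plan_requests(fetch_page=fetch_sample_page):
    """Return one request URL per active user in the organization."""
    return [connection_url(e) for e in active_user_emails(fetch_page)]


if __name__ == "__main__":
    for url in plan_requests():
        print(url)
```

Stopping at the first page would silently leave users without tokens, so the loop runs until nextPageToken is absent.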