Register a Google Project for Token Vault

This topic describes the first configuration task in the process of setting up an AutoStore workflow using modern authentication.

Perform this task at the Google API console.

  1. Navigate to https://console.developers.google.com/.
  2. Log in with an existing Google account.
  3. If you have never created a project, click CREATE. If you already have projects, open the projects list at the top, then click New Project.
  4. The New project page opens. Fill out the registration information of the project:
    • Specify a Project name.
    • Change the Project ID or accept the default.
    • Select the Location if available or use the default "No organization".
  5. Click Create.
    Wait for the project to be created. When the notification confirms that the project creation is complete, open the project.
  6. In the panel on the left click Configure consent screen..
    The OAuth consent screen appears.
  7. Select the user type.
    The Internal user type is typically used by GSuite. Select this option to restrict use to users within your organizations. Otherwise choose External.
  8. Click Create.
  9. Fill out the consent screen details.
    The authorization process shows this information when asking the end users to grant permissions for the application to access their cloud resources, so it is advised to pick a meaningful name and other information.
  10. Click Save and Continue.
    The Scopes screen appears.
  11. Click Add or Remove Scopes to open the scope selection.
  12. Select Google Drive API with /auth/drive scope.
    If this is not available from the Filter table,
  13. Click Save and Continue.
  14. Finish the app registration.
  15. Select Credentials on the left. In the panel on the right click + Create Credentials at the top and select OAuth client ID from the list.
  16. Select Web Application type and enter a meaningful name.
  17. Add the Token Vault URI as the Authorized JavaScript origin in the following format https://<FQDN>:<port>.
  18. Enter the URI corresponding to your Token Vault configuration as the Authorized redirect URI in the following format ‘https://<FQDN>:<port>/callback’ where:
    • FQDN is the Fully Qualified Domain Name of the Token Vault machine
    • port is the value of HttpsPort setting in the Token Vault appsettings.json configuration file in case of https usage. For example, https://tokenvaultmachine.testdomain.com:8381/callback. This URI must be the same as the Redirect URI displayed by Token Vault on the Authorization Provider registration page.
  19. Click Create.
  20. Copy the displayed Your Client ID and Your Client Secret values, as these are required for registering a Google Authorization Provider in Token Vault.