Google OAuth 2.0 Protocol

This guide analyzes the steps to setup a Google Gmail App to send mails (e.g., automatic notifications), combining OAuth 2.0 client credentials flow, without the user’s interaction.

 

Creating a New Project


  1. Go to Google's Developer Console and click on the button Select A Project under the Navigation Bar at the top of the screen.



  2. Click on the New Project button.



  3. Fill in the name of the Project Name, and if appropriate, select the Organization that your program should be associated with. Then click on Create.

 

Obtaining an OAuth2 Client ID and Secret


After creating a project, the next step is to create the OAuth2 credentials.

  1. Click the  symbol, move down to APIs & Services and then select OAuth consent screen.



  2. Select the External radio item and then click Create.



  3. Fill in the Application name and any other fields that are appropriate for your application and then click Create.



  4. Click + Create Credentials and then select OAuth client ID.



  5. Select the Web application option in the Application type section and then type in a name to use for the OAuth client ID. Once completed, click Create.

    Google OAuth 2.0 Update Image 7.png



  6. At this point, you will be presented with a web dialog that will allow you to copy the Client ID and Client Secret strings into your clipboard to paste them into your program.



  7. Click on the client you just registered and add your redirect URL.

    The URL should be https://{BSS-URL}/core/email/gmail/authCode

Your App Registration is ready.

 

BSS Email Preferences Setup


On BSS, navigate to BSS Setup > Administration > System Options > Organization settings, and under the Email Preferences, at the end of the page, select the Modern authentication mechanism. For the Gmail client fill in the ClientId, the Secret, and the Email you used to create the application on Google.


Then, Save the form.

 

Afterwards, click on the Authorize button.

 

By clicking on the Authorize button, you are redirected to the sign in with Google page where the following steps must by ensued.
First choose your Google account.

 

Then click on the Continue button to proceed.

 

Also, click on Continue to accept the additional access.

 

And you should see the the Status change along with the respective buttons. Now, the user can renew the Authentication or revoke it at will.