Versions Compared

Old Version 10

changes.mady.by.user Chris Hyzer (upenn.edu)

Saved on

compared with

New Version 11

changes.mady.by.user Chris Hyzer (upenn.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Signup for GCP
  • Go to IAM & Admin → Groups
  • It will say "This feature requires an organization" and at the bottom of the screen, click the button "GO TO THE CHECKLIST"
  • Follow the instructions to set up cloud identity, verify your domain.
  • In the project allow admin SDK
  • Go back to https://console.cloud.google.com/ IAM & Admin.
  • Under IAM → Permissions, add a new Principal with role Owner.
  • On the left, click on Service Accounts. Create a new service account. Under the newly created service account, create a new key (P12).
  • Under the newly created service account, enable Domain-wide Delegation.
  • Under the newly created service account, under Permissions, add the Principal you added above.

  • Scopes should be:

    Code Block
    https://www.googleapis.com/auth/admin.directory.user https://www.googleapis.com/auth/admin.directory.group https://www.googleapis.com/auth/admin.directory.group.member


  • The user impersonated as needs to be an admin