Hi Alix,
I’ve been struggling with Service Accounts for Gsuite over the last few weeks but finally managed to get it working! I can confirm that the Service Account works great with unattended robots.
There’s a couple of things you need to keep in mind:
- Service Account can not be used with Gmail account, only with Gsuite (the paid Google services). This is because you need to “Delegate domain wide access” in order for the Service Account to work, and this is not possible in Gmail.
- If using Gsuite you should follow the steps below. I’ve written them from the top of my head, so please let me know if I missed anything…
- Enable Gmail API (only follow “enable APIs” from here, not “create credentials”. That will be explained more clearly in links 2 and 3.) https://docs.uipath.com/activities/docs/about-google-gsuite-activities#enable-apis
- Create Service Account (and download JSON keyfile) Using OAuth 2.0 for Server to Server Applications | Google Identity | Google Developers
- Enable Domain Wide Delegation for the Service Account, copy the Client ID
and
- Ask your Gsuite admin to allow the Domain Wide Delegation (send him the Client ID). It took me a while to find out that you have to enable Domain Wide Delegation both on your own end, as well as on the Admin side. Uso de OAuth 2.0 para aplicaciones de servidor a servidor | Plataforma de identidad en Google | Google Developers
- I think this is it, but I vaguely remember having to set up the Oauth consent screen in GCP as well. If you have to configure the consent screen, just put Application Type = public, make up a name, and put your e-mail as Support Email. The consent screen won’t be shown, as you’re using a Service Account which is pre-authenticated.
Please let me know if this was of any help, and if you managed to get through.