If you want to use a service account as your authentication method for G Suite Password Sync (GSPS), you need to create an account and set it up before you install GSPS.
Complete the steps in Create a service account.
From the Admin console Home page, go to Security API controls.
Under Domain wide delegation, click Manage Domain Wide Delegation.
On the Manage domain wide delegation page, click Add new.
Under Client ID, enter your service account's client ID.
You can find the service account client ID in the JSON file you downloaded when you created the G Suite service account. Alternatively, you can find the client ID in the Google Cloud Platform Console. Click IAM & AdminService accounts, then select your service account.
- In the OAuth scopes field, copy and paste the following scope:
- Click Authorize.
To make sure every scope appears, select the new client ID and click View details.
If they don't, click Edit, enter the missing scopes, and click Authorize. Note that you can't edit the client ID.
- Go back to the Google Cloud Platform Console and click Save.
You're now ready to Add users to your Google domain.
Google, Google Workspace, and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.