Kloudless API Guide

# Kloudless API interaction

  • Connector Category: Storage (gdrive), Calendar (calendar), Email (gmail)
  • Unified APIs Supported: Storage, Calendar, Email, Activity, Team

# Setting up OAuth keys for Google

To set up OAuth keys for Google Drive, sign in to your Kloudless account and go to the Custom OAuth Keys page. Navigate to the Google Drive section and expand the instructions that detail how to set up your Google Drive application.

# Required scopes

Here is a list of the required scopes, or access permissions, needed to access data in Google Drive via Kloudless.

https://www.googleapis.com/auth/userinfo.email  
https://www.googleapis.com/auth/userinfo.profile  
https://www.googleapis.com/auth/drive  
https://www.googleapis.com/auth/drive.activity.readonly

# Configure admin access OAuth keys

Please follow the next steps to provide admin and team data:

  1. Select your project in your Google Developers Console's dashboard.

  2. Click Enable APIs and Services.

  3. Search for the following APIs and Enable each of them:

    All Google services:

    • Admin SDK API
    • Drive Activity API

    Google Drive

    • Drive Activity API
    • Google Drive API

    Google Calendar

    • Google Calendar API

  4. Return to the Google Developers Console dashboard, then navigate to the Credentials page.

  5. If you have already created and configured OAuth 2.0 credentials to authenticate non-admin Google Drive accounts, supply those credentials in your Kloudless Developer portal's Custom OAuth Keys page. Otherwise, create OAuth 2.0 credentials:

    1. Click Create Credentials > OAuth client ID. In the Application type dropdown, select Web Application.

    2. Enter a name and add a redirect URI by clicking Add URI. Enter the URI provided in the Google Drive section of Custom OAuth Keys page in your Kloudless Developer Portal.

    3. Click Create to receive a client ID and client secret to use.

  6. In Credentials page, under the Service accounts section, click Manage service accounts.

  7. Click Create service account. Enter a name for the account, but leave the Select a role dropdown empty. Click Done to create the service account.

  8. Select the service account you just created, located in the Service Accounts page.

  9. From the Add Key dropdown, select Create a new key > P12, then click Create. Save the P12 key file.

  10. Click Edit. Expand the Show domain-wide delegation section and check Enable G Suite Domain-wide Delegation. A Client ID will appear on the page once the setting is saved.

  11. In the Custom OAuth Keys page of your Kloudless Developer portal, expand the section for the service you are configuring. Provide the service account's client ID in the Service account Client ID field, set the Service Account Email field, and upload the P12 key file you saved previously.

  12. Save your configuration.

# Verifying a Google Drive application

If you receive a screen indicating that your application is unverified, you will need to submit your app for verification. See the Google services guide for more information on scopes and unverified apps.

The verification form requires information on the scopes used, which are:

https://www.googleapis.com/auth/admin.directory.user
https://www.googleapis.com/auth/admin.directory.group
https://www.googleapis.com/auth/admin.reports.audit.readonly
https://www.googleapis.com/auth/activity
https://www.googleapis.com/auth/drive
https://www.googleapis.com/auth/drive.activity.readonly

The scopes above are used to identify the user, monitor changes occurring in their account, and access data in their account. More specifically:

  • The Drive scope is used to upload, download, modify, and delete content in the user's Google Drive account, so that the application's features can be accessed and used by users.
  • The Audit and Activity scopes enable the application to be aware of modifications to data within the user's account.
  • The user and group scopes enable user and group data to be updated, as users interact with the application. User data is also used to determine which users to impersonate for admin access to an individual user's data in a G Suite organization.

# Verifying a Google Calendar application

If you receive a screen indicating that your application is unverified, follow the steps here, which link to the form to submit the verification request. The verification form requires information on the scopes used, which are:

https://www.googleapis.com/auth/admin.directory.user
https://www.googleapis.com/auth/admin.directory.group
https://www.googleapis.com/auth/admin.reports.audit.readonly
https://www.googleapis.com/auth/activity
https://www.googleapis.com/auth/calendar
https://www.googleapis.com/auth/contacts
https://www.googleapis.com/auth/admin.directory.resource.calendar.readonly

The scopes above are used to identify the user, monitor changes occurring in their account, and access data in their account. More specifically:

  • The Audit and Activity scopes enable the application to be aware of modifications to data within the user's account.
  • The user and group scopes enable user and group data to be updated, as users interact with the application. User data is also used to determine which users to impersonate for admin access to an individual user's data in a G Suite organization.
  • The calendar scope enables calendars and calendar events to be created, modified, and retrieved by our application.
  • The Admin Directory scope is used to identify other users to invite to meetings.
  • The People API lets users look up their contacts to invite to meetings created via the Calendar API.

# Support

Please contact us at support@kloudless.com with any questions you may have. We'd be happy to help you get set up.

Google Calendar