# Google Workspace Admin integration setup
{% hint style="info" %}
Note: Rewst supports [multi-instance integration](https://docs.rewst.help/documentation/configuration/integrations/multi-instance-integration/multi-instance-integration-setup) for Google Workspace Admin, but generally one instance of Google Workspace Admin is not multi-tenant. You may need a 1:1 relationship between an instance of this integration and a sub-tenant or a Rewst sub-org.
If you’re new to integrations in Rewst, read through our introductory integration documentation [here](https://docs.rewst.help/documentation/integrations).
{% endhint %}
As of May 2025, this integration now supports the following APIs using the generic request action:
* Google Drive
* Gmail
* Group Settings
Rewst customers who set up this integration prior to the additional API support can take advantage of this development by enabling the corresponding API services in the Google Cloud Console, then re-authorizing their integration in Rewst. Set up steps for these API services can be found further down in this document, under the section titled Enable Google APIs.
## **Set up steps in Google**
### **Create a new project**
{% hint style="info" %}
To complete these steps in Google Cloud Console, project Editor or Owner permissions are required.
{% endhint %}
1. Log in to your Google Cloud Console at .
2. Navigate to **Navigation Menu > IAM & Admin > Manage Resources**.
3. Click the **CREATE PROJECT**.
4. Enter a descriptive name for your project that will help you identify it later.
5. If applicable, choose the organization that this project will belong to. You can also leave this as **No organization** if necessary.
6. Optionally, select a **location** for your project. This choice may affect resource availability and pricing.
7. Click **CREATE**.
### Obtain client ID and secret
{% hint style="info" %}
The user who is authorizing this integration in Rewst must have Super Admin access in Google Workspace Admin.
{% endhint %}
1. Choose the GCP project you just created from the project drop-down menu at the top of the page
2. **Click APIs & Services** in the left side menu.
3. Select **Library**.
4. Use the search bar within the API Library to find the `Admin SDK API` and select it from the results.
5. Click **Enable**.
6. Navigate back to the APIs & Services menu. Click **OAuth consent screen**.
7. Select the appropriate user type for your application. Choose **Internal** for this.
8. Enter the necessary information about your application into the relevant fields, including the **App name**, and **User support email.**
9. Click **SAVE AND CONTINUE**.
10. Click **Data Access > Scopes**.
11. Click **ADD OR REMOVE SCOPES**. Select the specific scopes that your application requires access to.
1. Primary Google Admin scopes for Google Cloud services:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
2. Mailbox Delegation (Gmail API) Scopes:
1.
2.
3.
4.
5.
6.
7.
8.
3. Google Drive shared drive permissions (Drive API) Scopes:
1.
2.
3.
4.
5.
6.
4. Group Settings (Groups API) Scopes:
1.
12. Search for `Admin SDK` in the search box, and select all related scopes.
13. Click **UPDATE**.
14. Navigate to the **Credentials** tab within APIs & Services. Click **CREATE CREDENTIALS** and choose **OAuth client ID** from the drop-down selector.
15. Select **Web Application** as the type of application you're building. This is the most broad and generic option and will always work with Rewst. Other options may not allow the integration to successfully set up.
16. Enter a name for your ID in the **Client ID** field.
17. Enter the following URL under **Authorized Redirect URIs**:
[`https://engine.rewst.io/integrations/google_workspace_admin_sdk/callback`](https://engine.rewst.io/integrations/google_workspace_admin_sdk/callback)
14. After creation, you will be presented with a pop-up window containing your client ID and client secret. Make sure to copy both of these.
### Set up steps in Rewst
1. Navigate to **Marketplace > Integrations** in the left side menu of the Rewst platform.
2. Search for `Google Workspace Admin`.\
\
3. Click on the integration tile to launch set up.
4. Enter the API credentials copied from Google into the relevant fields:
1. **Client ID**
2. **Client Secret**
3. Email / User ID: this should be the one used to authenticate with the API
5. Click **Save Configuration**.
6. Rewst will do a quick validation of your input. Once completed, you'll see a new section beneath the configuration form for[ organization mapping](https://docs.rewst.help/documentation/integrations#what-is-organization-mapping). Complete your mapping as desired.
### Final setup steps in Google
#### Add integration as trusted app
1. Navigate to **Security > Access and Data Control > API controls** in your Google console at [admin.google.com](https://admin.google.com).
2. Click **Accessed Apps > View List**.
3. Search for `Rewst`.
4. Select **Trusted** under **Status**.
5. Check on the box **Allowlist for exemption from API access blocks in context-aware access.**
**Set reauthentication policy for exemption**
1. Navigate to **Security > Google Cloud session control.**
2. Click to expand the **Google Cloud cloud session control** accordion menu.
3. Select **Require authentication**.
4. Check on the box **Exempt trusted apps**.
5. Choose your method under the **Re-authentication method** menu.
6. Click **Save**.
### Enable Google APIs
#### Enable Google Drive API
1. Select your Project from the drop-down selector.
2. Select **APIs and Services** from the left side menu.
3. Search for `Groups Settings API.`
4. Click **Enable**.\
#### Enable Gmail API
1. Select your Project from the drop-down selector.
2. Select **APIs and Services** from the left side menu.
3. Search for `Gmail API.`
4. Click **Enable**.\
#### Enable Group Settings API
1. Select your Project from the drop-down selector.
2. Select **APIs and Services** from the left side menu.
3. Search for `Google Drive API.`
4. Click **Enable**.
{% hint style="success" %}
Got an idea for a new Integration? Rewst is constantly adding new integrations to our integrations page. Submit your idea or upvote existing ideas here in our [Canny feedback collector](https://rewst.canny.io/integrations).
{% endhint %}
## Actions and endpoints
{% hint style="info" %}
For more on how actions work in Rewst, check out our [introductory actions documentation here](https://docs.rewst.help/documentation/workflows/actions-in-rewst).
{% endhint %}
| Category | Action | Description |
| --------- | -------------------------------------------- | ----------------------------------------------------------- |
| Licensing | Assign License | Assign a license |
| Licensing | Get License | Get a specific user's license by product SKU |
| Licensing | List License Assignments for Product | List all users assigned licenses for a specific product |
| Licensing | List License Assignments for Product and SKU | List all users assigned licenses for a specific product SKU |
| Licensing | Revoke License | Revoke a license |
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.rewst.help/documentation/integrations/integration-guides/google-admin/google-workspace-admin-sdk-integration-setup.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
