Google Console Configuration
Before the Google Workspace module can communicate with Google services, you need to create a Google Cloud project, enable the required APIs, and generate OAuth credentials. This guide walks you through every step.
Step 1: Create a Google Cloud Projectโ
- Go to the Google API Console.
- Click Select a project in the top navigation bar, then click New Project.
- Enter a Project Name (e.g., "Concord CRM Integration").
- Click Create and wait for the project to be provisioned.
- Make sure the new project is selected in the project dropdown.
If you already have a Google Cloud project you want to reuse, select it from the project list instead of creating a new one.
Step 2: Enable Required APIsโ
With your project selected, enable each of the following APIs:
- Navigate to APIs & Services โ Library.
- Search for and enable each API individually:
- Google Drive API
- Google Docs API
- Google Sheets API
- Google Slides API
For each API:
- Click on the API name in the search results.
- Click Enable.
- Wait for confirmation before proceeding to the next one.
All four APIs must be enabled for the module to function correctly. If any API is missing, the corresponding Google service will not be accessible from the CRM.
Step 3: Configure the OAuth Consent Screenโ
- Navigate to APIs & Services โ OAuth consent screen.
- Select the User Type:
- External -- Recommended for most setups. Allows any Google account to authorize.
- Internal -- Only available for Google Workspace (paid) accounts. Limits access to users within your organization.
- Click Create.
- Fill in the required fields:
- App Name -- A name users will see during authorization (e.g., "Concord CRM").
- User Support Email -- Your support email address.
- Developer Contact Information -- Your email address.
- Click Save and Continue through the Scopes and Test Users steps (no changes needed for basic setup).
- Click Back to Dashboard from the Summary tab.
Publishing Statusโ
| Status | HTTPS Required | Notes |
|---|---|---|
| Testing | No | Limited to 100 test users; shows an extra consent warning |
| Production | Yes | Available to all users; your site must use HTTPS |
For initial setup and testing, keep the app in Testing mode. Once you have verified everything works, switch to Production for a seamless authorization experience.
Step 4: Create OAuth Credentialsโ
- Navigate to APIs & Services โ Credentials.
- Click Create Credentials โ OAuth client ID.
- Select Web application as the application type.
- Enter a Name for the credential (e.g., "Concord CRM OAuth").
- Under Authorized redirect URIs, add the following:
https://yourdomain.com/google-workspace/callback
Replace yourdomain.com with the actual domain where your Concord CRM is installed.
- Click Create.
- A dialog will display your Client ID and Client Secret. Copy both values.
The redirect URI must match your Concord CRM installation URL exactly, including the protocol (HTTPS) and path. An incorrect redirect URI will cause authorization to fail.
Step 5: Connect to Concord CRMโ
- Log in to your Concord CRM as an administrator.
- Navigate to the Google Workspace module settings.
- Paste the Client ID and Client Secret from the previous step.
- Click Save & Authorize.
- A Google consent screen will appear. Select your Google account and grant the requested permissions.
- You will be redirected back to Concord CRM. The connection status should now display Authorized.
If your Google Cloud app is in Testing mode, you will see an additional warning screen during authorization. Click Continue to proceed. This warning does not appear in Production mode.
Troubleshootingโ
| Issue | Solution |
|---|---|
| "Error 400: redirect_uri_mismatch" | Verify the redirect URI in Google Cloud matches your CRM URL exactly |
| Authorization fails silently | Ensure all four APIs are enabled in the Google Cloud project |
| "Access blocked: App not verified" | Switch to Production mode or add your account as a test user |
| Connection drops after some time | Re-authorize from the module settings; check token refresh settings |
Security Recommendationsโ
- Restrict OAuth credentials to your specific domain using authorized redirect URIs.
- Use HTTPS for your Concord CRM installation to protect OAuth tokens in transit.
- Review API access periodically in the Google Cloud Console to ensure no unnecessary permissions are granted.
- Rotate credentials if you suspect they have been compromised.
If you need help configuring your Google Cloud project, visit the Themesic Support Ticketing Area for assistance.