Overview
This article provides a complete step-by-step guide to configure a Google Cloud OAuth application and required Google Workspace settings for ExSign integration. It includes OAuth setup, required scopes, credential creation, and Gmail routing (SMTP relay, host, and compliance rules).
1. Create New Project in Google Cloud
- Open Google Cloud Console:
https://console.cloud.google.com/
- Sign in using a Google Workspace Admin account
- From the top menu, click Select Project
- Click New Project
- Enter a project name
- Click Create
2. Configure OAuth Consent Screen
- Open Navigation Menu (☰)
- Go to:
APIs & Services → OAuth Consent Screen
- Click Get Started
- Fill in the required App Information:
- App Name
- User Support Email
- Developer Contact Email
- Click Next
- Select User Type: External (for organization-wide usage)
- Click Next
- Enter Contact Information
- Click Finish to complete the OAuth consent screen setup
3. Create OAuth Client Credentials
- Go to:
APIs & Services → Credentials - Click Create Credentials → OAuth Client ID
- Select:
- Application Type: Web Application
- Configure:
- Add Authorized Redirect URI(s) required by your application
- Click Create
- Save the following securely:
858165626979-rq2lr4odobo59bqhnog63qhiv20c6s1b.apps.googleusercontent.com
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
⚠️ These credentials are required for application authentication and must not be shared publicly.
4. Configure OAuth Scopes (Data Access)
Go to:
OAuth Consent Screen → Data Access
This section defines what Google Workspace data the application is allowed to access.
4.1 Your Non-Sensitive Scopes
Non-sensitive scopes are automatically managed by Google and are considered low-risk permissions.
- These scopes do not usually require manual approval.
- They provide basic access for standard application functionality.
- Review them to ensure they match expected application behavior.
👉 No manual configuration is required in most cases for this section.