This section describes how to configure user synchronization settings in Google.
You can also go to IAM & Admin > Service Accounts, and click CREATE SERVICE ACCOUNT.
The service account ID is automatically generated with the specified account name.
The newly created service account is displayed in the Service Accounts list.
A client is created for the service account. You can get the client ID on the DETAILS page of the service account or under APIs & Services > Credentials.
The Create private key for "<your service account>" screen appears.
A private key file in the JSON format is automatically generated and downloaded to your computer. You will need this file when configuring Google as an IdP on TMWS.
https://www.googleapis.com/auth/admin.directory.group.member.readonly https://www.googleapis.com/auth/admin.directory.group.readonly https://www.googleapis.com/auth/admin.directory.user.readonly https://www.googleapis.com/auth/admin.directory.user.security https://www.googleapis.com/auth/admin.directory.domain
The newly-created delegation is displayed in the list.