Configure Google OAuth 2.0 secrets

You must configure your app’s Google OAuth 2.0 secrets in the following cases:

• You would like to use the User Management Service to authenticate users into your app with their existing Microsoft Account.
• You would like to use the Email Service in order to let your app’s users to connect their Microsoft-managed inbox to the app, for sending email directly from the app. For details about this scenario, see Sending email from a Google or Microsoft 365 email address.

Before you proceed, you must first obtain the OAuth 2.0 credentials from Google, see Obtain OAuth 2.0 credentials from Google.

Updating your app’s Google OAuth 2.0 secrets

1. Sign in to the Google Cloud Console (https://console.cloud.google.com) and download your OAuth 2.0 client’s credentials from APIs & Services > Credentials. The name of the downloaded file is client_secrets.json.

   Do not store the downloaded client_secrets.json file in a publicly-accessible location.

2. In the SBS Console, run the updateApp mutation and provide the previously obtained authorization details as parameters to GoogleClientSecret.

mutation update_app($id: ID!, $input: UpdateAppInput!) {
  updateApp(id: $id, input: $input) {
    googleClientSecret {
      web {
        client_id
        auth_uri
        token_uri
        auth_provider_x509_cert_url
        client_secret
        redirect_uri
      }
    }
  }
}

Make sure to replace variables with the values from your client_secrets.json.

{
  "id": "YOUR_APPLICATION_ID",
  "input": {
    "googleClientSecret": {
      "web": {
        "client_id": "YOUR_CLIENT_ID",
        "auth_uri": "YOUR_AUTH_URI",
        "token_uri": "YOUR_TOKEN_URI",
        "auth_provider_x509_cert_url": "YOUR_AUTH_PROVIDER_X509_CERT_URL",
        "client_secret": "YOUR_CLIENT_SECRET",
        "redirect_uri": "YOUR_REDIRECT_URI"
      }
    }
  }
}