Skip to main content

Google Workspace Calendar Integration

© 2025 SynergySKY Ltd. All Rights Reserved.

Google Workspace Calendar Integration

Last Updated

Introduction

In order to configure Synergy SKY with the Google Calendar integration, your Google Workspace environment must be prepared. This is done through the following 4 steps:

  • Create a Google Cloud Platform Project or use an existing project
  • Enable three distinct APIs and Services
  • Create a service account or use an existing service account. This account must be given the correct permissions. A private key must be generated and copied to the JOIN server.
  • Appropriate Calendar Access must be given to the Service Account via the Google Workspace Domain

Prerequisites

Step-by-Step Guide
Configuring the Google Cloud Platform

A Google Cloud Console Project is required in order for Synergy SKY to be able to read calendar resource accounts, user accounts and also have access to APIs that enable the Synergy SKY integration.

Create a Google Cloud Platform Project or use an existing Project. The Project will be used for the API integration as well as for the Service Account.

Logging into the Google Cloud Platform console:

  1. Browse to the following URL: https://console.cloud.google.com/iam-admin/serviceaccounts
  2. Log in with your admin user account to manage your Google cloud console.


Creating a Project

(Skip this section if you already have a project you want to add this account to.)

Note: on some occasions, Google fails to create the project and as such, sometimes you may have to create the project twice


mceclip0.png

 

To create new Google Cloud Console project:

  1. Select IAM & Admin
  2. Click the 'Create' button
    mceclip1.png
  3. Fill in your project name, i.e. 'SynergyJOIN'.
  4. Select Create


Choosing an Existing Project

Follow these steps if you already have existing projects you would like to use for this project:

mceclip2.png

  1. Click on the Project Drop down arrow at the top left corner and you will be presented with the 'Select a Project Window'.
  2. Select your desired project and click 'Open'


Enabling API's and Services

You will have to enable API's to work with the project you have created. The API's you will have to enable are Google Calendar API, GMail API & Admin SDK.

  • Google Calendar API - To allow reading and updating resource calendars
  • GMail API - To allow sending email
  • Admin SDK - To allow listing out current available resources from the configuration tool

You have to enable one API at a time.

mceclip3.png

  1. Go to the Menu, Select APIs & Services > Dashboard
    mceclip4.png

  2. Select 'Enable APIs and Services'
    mceclip5.png

  3. You should now be presented with the API Library
    mceclip6.png

  4. You will have to search for the APIs from this screen.

  5. First, Search for 'Google Calendar API'

  6. Select the 'Google Calendar API
    mceclip7.png

  7. Click Enable
    mceclip8.png

  8. Once you have found this API, you will then have to perform a new search for GMail API

  9. Select Enable for the GMail API
    mceclip9.png

  10. Once you have found this API, you will then have to perform a new search for Admin SDK API

  11. Select Enable for the Admin SDK API


Creating the Service Account

mceclip0.png

  1. Select IAM & Admin and Choose 'Service Accounts'

  2. Enter a Service Account Name and select Create
    mceclip2.png

  3. Select the role for this service account. Resource Manager > Organization Administrator. This will allow the service account to manage the meeting room resources.

  4. Once you have selected the role, Click the 'Create Key' Button.


Create a Private Key for Synergy SKY

mceclip3.png

  • On the next screen, choose the JSON radio button and click 'Create'.
    A file will be downloaded to your disk, this is your authentication information to be used by the Synergy SKY software.

  • Upload this file when you are adding the Google API connection:
    mceclip0.png

  • Keep a secure copy of this file, as a new service account is required to be created if its lost.

  • Once you are have moved the file to the correct location and click 'Done' you will be presented with a screen similar to the below with your newly created service account visible in the list
    mceclip4.png


Enable Service accounts to access Calendar Resources

In order to enable Service accounts, find the Service account ID for the service account at https://console.cloud.google.com

mceclip5.png

  1. Select IAM & Admin and Choose 'Service Accounts'mceclip6.png

  2. Click on the service account and copy the unique ID on the following Service account details page. You will need this ID for the next step.

An Administrator of the Google Workspace domain must complete the next steps

Google Admin Console

  1. Browse to the Google Admin Console https://admin.google.com
    mceclip7.png

  2. Select Security from the list of controls. If “Security” is not listed on screen, select MORE CONTROLS” from the grey bar at the bottom of the page to reveal.
    Note: If no controls are listed, make sure you're signed in as an administrator for the domain.
    Security_-_API_controls.png

  3. Select API controls from the list of options
    Manage_Domain_Wide_Delegation.png

  4. Select 'MANAGE DOMAIN WIDE DELEGATION' in the Domain wide delegation section

  5. Click 'Add new' and enter the service account's Client ID or Service account ID (which we copied in the previous step).

In the OAuth scopes field enter this list of scopes:

https://www.googleapis.com/auth/admin.directory.resource.calendar.readonly
- To populate Available Rooms in the JOIN config tool

https://www.googleapis.com/auth/calendar.readonly
- To allow JOIN to access room calendars enabled in JOIN

https://www.googleapis.com/auth/gmail.send
- To allow JOIN to send notifications to its administrators as well as dial-in instructions for certain workflows (e.g. one-time VMRs).

https://www.googleapis.com/auth/calendar
- For workflows requiring calendar invitation updates, such as the green button for Polycom endpoints (if the EWS emulator is not used) or meeting invitation body updates, JOIN also must have a write calendar access for those rooms.

https://www.googleapis.com/auth/calendar.events
- For workflows requiring calendar invitation updates, such as the green button for Polycom endpoints (if the EWS emulator is not used) or meeting invitation body updates, JOIN also must have a write calendar access for those rooms. If no body updates are required and read-only priviledges ares sufficient, then this API scope can be used as a minimum: https://www.googleapis.com/auth/calendar.events.readonly

 

Note: All of the scopes are required for the integration of Synergy SKY with Google Workspace. It is not possible to exclude some of the scopes as this will cause parts of the integration not to work

You can copy and paste the below api scopes as they are into the 'OAuth scopes' field box

https://www.googleapis.com/auth/admin.directory.resource.calendar.readonly, https://www.googleapis.com/auth/calendar,https://www.googleapis.com/auth/calendar.readonly, https://www.googleapis.com/auth/gmail.send,https://www.googleapis.com/auth/calendar.events, https://www.googleapis.com/auth/calendar.events.readonly

 

 

Click Authorize.

The outcome should look like the below example:

API_scopes.png

 


Service-act-on-behalf-of Email

mceclip11.png

  1. Browse to the dashboard and select 'Users'

  2. In the Users section, select the user that you would like to use as the 'service-act-on-behalf-of Email' in Synergy SKY

  3. Scroll down to the 'Admin roles and privileges' section and verify that the user you would like to use has the role of 'Super Admin' enabled.
    mceclip12.png

  4. Once you have verified this, copy the email address from this user and paste this into the 'service-act-on-behalf-of email' text button in the 'General Settings' tab in the Synergy SKY configuration tool.

Related to

Was this article helpful?