Configure OAuth for Google Calendar

This page describes how to configure OAuth to connect Google Calendar to Gemini Enterprise as a data store.

Set up authentication and permissions for Google Calendar

To enable Google Calendar actions, a Google Cloud administrator must perform the following steps to enable the Google Calendar API and set up authentication.

Enable the Google Calendar API

In the Google Cloud console, enable the following APIs:

• Enable the Google Calendar API.

• Enable the Google People API.

Create an OAuth app and add scopes

If you don't have an OAuth app, follow these steps. If you already have an OAuth app, skip to Create an OAuth client credentials.

1. Go to Google Auth Platform / Overview.

2. Click Get started.

3. Enter a name for your OAuth app.

4. In User support email, select a support email address for the users of your application to contact with questions about their consent.

5. Under Audience, select the user type for your app:

   • External: Select External if you're creating an app for use outside of your Google Workspace organization. This makes the app publicly available to any user with a Google account. If you selected External for user type, add test users:
     1. Click Audience.
     2. Under Test users, click Add users.
     3. Enter your email address and any other authorized test users, then click Save.
   • Internal: Select Internal if the app is restricted to members of a specific Google Cloud organization, limiting access to Google Workspace organizational members only.

6. Click Next.

7. Under Contact Information, enter an email address where you can be notified about any changes to your project.

8. Click Next.

9. Under Finish, review the Google API Services User Data Policy. If you agree, select I agree to the Google API Services: User Data Policy.

10. Click Continue.

11. Click Create.

After you create the app, you can update the OAuth Consent Screen settings in Branding and Audience.

Add scopes

To add the minimum required scopes, follow these steps:

1. In the Google Cloud console, go to Menu menu.
2. Select Data Access from the navigation menu.
3. Click Add or Remove Scopes.

4. Under Manually add scopes, paste the following scopes for Google Calendar as per your requirement:

   Connection mode	Scope	Purpose
   Federated search	https://www.googleapis.com/auth/calendar.readonly	Minimum permission for federated search and read-only actions.
   Federated search and Actions	https://www.googleapis.com/auth/calendar.readonly	Required for read access when performing write actions like creating events.
   	https://www.googleapis.com/auth/calendar.events	Required to create calendar events.
   	https://www.googleapis.com/auth/calendar.calendars	Required to update calendar event metadata.

5. Click Add to table and then click Update.

6. Click Save.

Create OAuth client credentials

This procedure describes how to create a new OAuth client ID for Google Cloud actions. If you already have an OAuth client ID for Google Cloud actions, you can use that client ID and secret for Google Calendar actions instead of creating a new one.

1. Go to Google Auth Platform / Clients.

2. Click Create client.

3. For Application type, select Web application.

4. In the Name field, type a name for the credential.

5. Skip Authorized JavaScript origins.

6. In the Authorized redirect URIs section, click Add URI and enter the following URI: https://vertexaisearch.cloud.google.com/oauth-redirect

7. Click Create. The newly created credential appears under OAuth 2.0 Client IDs. Open the client that you have created and copy the following information:

   • Client ID
   • Client secret