Authenticate Against Google Workspace Formerly Gsuite
01 Jun 2021 - sj, tags: archiving, news, product
Google Workspace (formerly Google Suite Business) is a widely used email platform. This blog post describes how to configure piler enterprise to archive emails at Google.
Prerequisites
You have your own domain an Google Workspace and piler enterprise installed.
Register the archive as a web application
Go to https://console.developers.google.com/apis/credentials then click on “Create credentials”, then select “OAuth Client ID”.
Fill the required fields, then click on the “CREATE” button. see the image below. Make sure you use your own archive’s hostname.
Then you’ll see a popup window that “OAuth client created”. Record the client id and the client secret values.
Edit /etc/piler/config-site.php and add the following content:
$config['ENABLE_GOOGLE'] = 1;
$config['GOOGLE_CLIENT_ID'] = '550876791501-no0bpm01sh38ijtvoirc23qempe6v7o8.apps.googleusercontent.com';
$config['GOOGLE_CLIENT_SECRET'] = '-_xFPo7C4SXUWx9TiOy-iiyg';
Configure Google to send a copy of each received email to piler
Visit https://admin.google.com/AdminHome?hl=en#AppDetails:service=email then select “Advanced settings”.
Find the “Routing” section, hover over the “Receiving routing” item, then click “Configure”.
Give a name to the setting, eg. “piler-receiving-rule”.
Check the “Inbound”, and “Internal – receiving” checkboxes under “1. Email messages to affect”.
Check the “Add X-Gm-Original-To header” option.
Right under the “Also deliver to” option check “Add more recipients”, select “Advanced”, then check “Change envelope recipient”, and type the archiving email address at “Replace recipient”.
Click on “Save”, then on “Add setting”.
Do the same for “Sender routing”, except select “Outbound”, and “Internal – sending” at “1. Email messages to affect”
Finally click on the “Save changes” button.
Login for end users
Your users should click on the “Google Workspace” link, then grant permission to the registered web application to read the user’s settings. If all goes well, then the user is redirected back to the archive and has access to his archived emails.
