Configure OAuth for Google Chat

This page describes how to configure OAuth to connect Google Chat to Gemini Enterprise as a data store.

Set up authentication and permissions for Google Chat

To enable Google Chat actions, a Google Cloud administrator must perform the following steps to enable the Google Chat API and set up authentication.

Enable the Google Chat API

In your Google Cloud console project, enable the Google Chat API .

Configure the app

1. After enabling the API, navigate to the Configurationtab and set up your app details as follows:

   • App name: Enter a name for the app (for example, Gemini Enterprise ). Users will see this name when your app sends a message.
   • Avatar URL: Provide the URL for the Gemini Enterprise icon. This icon will appear next to the app name in chat threads.
   • Description: Enter a description (for example, Google Chat app for Gemini Enterprise ).

2. Under App status, ensure that the status is set to LIVE.

3. Click Save.

Create an OAuth app and add scopes

If you don't have an OAuth app, follow these steps. If you already have an OAuth app, skip to Create OAuth client credentials .

1. Go to Google Auth Platform> Overview.

   Go to Auth Platform

2. Click Get started.

3. Enter a name for your OAuth app.

4. In User support email, select a support email address for your application's users to contact with questions about their consent.

5. Under Audience, select the user type for your app:

   • External: Select Externalif you're creating an app for use outside of your Google Workspace organization. This makes the app publicly available to any user with a Google account. If you selected External, add test users:
     1. Click Audience.
     2. Under Test users, click Add users.
     3. Enter your email address and any other authorized test users, then click Save.
   • Internal: Select Internalif the app is restricted to members of a specific Google Cloud organization, limiting access to Google Workspace organizational members only.

6. Click Next.

7. Under Contact Information, enter an email address where you can be notified about any changes to your project.

8. Click Next.

9. Under Finish, review the Google API Services User Data Policy . If you agree, select I agree to the Google API Services: User Data Policy.

10. Click Continue.

11. Click Create.

After you create the app, you can update the OAuth Consent Screen settings in Branding and Audience .

Add scopes

To add the minimum required scopes, follow these steps:

1. In the Google Cloud console, go to Menu menu .
2. Select Data Access from the navigation menu.
3. Click Add or Remove Scopes.
4. Under Manually add scopes, paste the following scopes for Google Chat based on your requirements:

5. Click Add to tableand then click Update.

6. Click Save.

Create OAuth client credentials

This procedure describes how to create a new OAuth client ID for Google Cloud actions. If you already have an OAuth client ID for Google Cloud actions, you can use that client ID and secret for Google Chat actions instead of creating a new one.

1. Go to Google Auth Platform / Clients .

2. Click Create client.

3. For Application type, select Web application.

4. In the Namefield, enter a name for the credential.

5. Skip Authorized JavaScript origins.

6. In the Authorized redirect URIssection, click Add URIand enter the following URI: https://vertexaisearch.cloud.google.com/oauth-redirect

7. Click Create. The newly created credential appears under OAuth 2.0 Client IDs. Open the client you just created and copy the following information:

   • Client ID
   • Client secret