CubeBackup uses Google’s OAuth 2.0 for authorization. To authorize domain-wide data access for a desktop application, an OAuth 2.0 Service account must be employed. Please follow the steps below carefully.
You can find more information about OAuth 2.0 Service accounts here: Using OAuth 2.0 for Server to Server Applications.
Step 1: Input G Suite domain information.
Enter your G Suite domain name and the corresponding administrator account, then click Next.
Step 2: Service account setup.
Based on Google's security policy, third party Apps can only be authorized to access G Suite data through OAuth2.0.
To create an OAuth 2.0 service account:
1. Log in to Google Developers Console .
Google Developers Console does not require an administrator account. A personal Google account, such as [email protected], or [email protected] is just fine.
2. Create a new project named "CubeBackup".
Google Developers Console is a place to manage applications/projects based on Google APIs or Google Cloud Services. Now begin by creating a new project.
3. Enable Google APIs.
The creation of the project may take one or two minutes. After the project has been created, click the newly created project in the project list, and it will become the selected one in your dashboard.
Note: Please make sure this project is the currently active project in your console before continuing! (The name of the currently active project is shown at the upper left corner of the page.)
Now open APIs & services -> Library page from the main menu, select Google Drive API from the G Suite group. On the next page, click ENABLE (If there is any "Create Credentials" message, just ignore it, because service account credentials will be created in the next step). Then go back to Google API Library page, follow the same steps to enable Google Calendar API, Gmail API, Admin SDK, and Contacts API (This API might be located in the Social Group) .
4. Create a Service account.
5. Enter service account information into CubeBackup Wizard.
Copy and paste the Service Account's unique ID and email address into the CubeBackup wizard. Be sure to include the .P12 key file that was generated earlier. Finally, click "Next".
Step 3: Delegate domain-wide authority to the service account.
The operations in this step must be performed by an administrator of your G Suite domain.
1. Log in to your G Suite domain's Admin console (https://admin.google.com) using a domain administrator account.
2. Select Security from the list of controls. If you don't see Security listed, select More controls from the gray bar at the bottom of the page, then select Security from the list of controls. If you can't see the controls, make sure you're signed in as an administrator for the domain.
3. Select API reference, and make sure Enable API access is checked.
4. Select Advanced settings and then click Manage API client access in the Authentication section.
5. In the Client Name field enter the service account's unique client ID.
Note: The service account's "Unique ID" (e.g.,104544540989434), NOT its email should be entered here.
6. In the One or More API Scopes field, copy and paste the list of scopes:
7. Click Authorize.
8. CubeBackup now has the authority to make API calls in your domain. Return to the CubeBackup setup wizard, and click the Test button. If the test is successful, click Next.
Note: If you have carefully followed all instructions, but the Test still failed with the message "G Suite authorization failed! Please check your input and settings", please refer to this post.
Step 4: Select users to backup.
Now you will be prompted to select the user accounts to back up. You may select them all, or any subset, depending on your needs or the storage space available.
Step 5: Additional configuration.
Select which data services to back up. Currently, CubeBackup supports Google Drive, Gmail, Google Calendar, and Google Contacts.
You can also choose the backup interval (daily, every 2 days, weekly, monthly) and schedule the time of day backups will run.
Finally, specify the location for the backup files. Because the data for each G Suite user can be tens of Gigabytes, please ensure there is sufficient disk space available.