TDV Adapter for Google Drive

Build 21.0.8137

Basic Tab

Authenticating to Google Drive

All connections to Google Drive are authenticated using OAuth. The adapter supports using user accounts, service accounts and GCP instance accounts for authentication.

Authenticate with a User Account

AuthScheme must be set to OAuth in all of the user account flows.

See Using OAuth Authentication for a authentication guide covering all the supported methods in detail.

Authenticate with a Service Account

To authenticate using a service account, you must create a new service account and have a copy of the accounts certificate.

For a JSON file, you will need to set these properties:

  • AuthScheme: Required. Set this to OAuthJWT.
  • InitiateOAuth: Required. Set this to GETANDREFRESH.
  • OAuthJWTCertType: Required. Set this to GOOGLEJSON.
  • OAuthJWTCert: Required. Set this to the path to the .json file provided by Google.
  • OAuthJWTSubject: Optional. Only set this value if the service account is part of a GSuite domain and you want to enable delegation. The value of this property should be the email address of the user whose data you want to access.

For a PFX file, you will need to set these properties instead:

  • AuthScheme: Required. Set this to OAuthJWT.
  • InitiateOAuth: Required. Set this to GETANDREFRESH.
  • OAuthJWTCertType: Required. Set this to PFXFILE.
  • OAuthJWTCert: Required. Set this to the path to the .pfx file provided by Google.
  • OAuthJWTCertPassword: Optional. Set this to the .pfx file password. In most cases this will need to be provided since Google encrypts PFX certificates.
  • OAuthJWTCertSubject: Optional. Set this only if you are using a OAuthJWTCertType which stores multiple certificates. Should not be set for PFX certificates generated by Google.
  • OAuthJWTIssuer: Required. Set this to the email address of the service account. This address will usually include the domain iam.gserviceaccount.com.
  • OAuthJWTSubject: Optional. Only set this value if the service account is part of a GSuite domain and you want to enable delegation. The value of this property should be the email address of the user whose data you want to access.

If you do not already have a service account, you can create one by following the procedure in Creating a Custom OAuth App.

Authenticate with a GCP Instance Account

When running on a GCP virtual machine, the adapter can authenticate using a service account tied to the virtual machine. To use this mode, set AuthScheme to GCPInstanceAccount.

Copyright (c) 2022 CData Software, Inc. - All rights reserved.
Build 21.0.8137