Google Workspace Service User (RBAC)

There are some actions that regular staff do not have permission to perform, such as:

  • listing the users in the organisation

  • interacting directly with resource calendars


  • Google Workspace Administrative Access


Create a New User

The new user may sit in a different OU to your regular users for security purposes.

To create a new user, if you are not already familiar you can follow these instructions from Google on Creating a Google Workspace User.

Do not assign a password to this user.

It will never have to log on as it will be used solely by the API application.

Assign Permissions

  1. Click the Roles and Privileges tab.

  2. Click Edit.

  3. Click create Custom Role.

  4. On the privileges selection screen, under the 'Admin API Privileges' select the following permissions:

    1. Organization Units: Read

    2. Users: Read

    3. Groups: Read

Last updated