Adding Scopes for App Firewall

Delegating domain-wide authority to the service account

The following steps must be performed by an administrator of the Google Apps domain:

  • Go to your Google Apps domain’s Admin console.
  • Select Security from the list of controls. If you don’t see Security listed, select More controls from the gray bar at the bottom of the page, then select Security from the list of controls. If you can’t see the controls, make sure you’re signed in as an administrator for the domain.
  • Select Show more and then Advanced settings from the list of options
  • Select Manage API client access in the Authentication section.




  • In the Client Name field enter:
  • In the One or More API Scopes field enter the list of scopes that your application should be granted access to. For example, if your application needs domain-wide access to the Google reports audit and the Google user security, enter:,
  • Click Authorize.

Our application now has the authority to make API calls as users in your domain.