Enable the API access from the Admin console in order to make requests to the Directory API.
 
To enable the API, log in to your admin account and select Security. If you do not see Security listed, select More controls and then Security from the options shown in the gray box. Select API reference, and then select the checkbox to Enable API access. Save your changes.

Set up a new project in the Google APIs Console and activate Admin SDK service for this project. See the Google APIs Console Help in the upper right corner of the Console page for more information about creating your API project.
 
 Google API console:
 https://code.google.com/apis/console/
 
 Create OAuth 2.0 client ID:
In order to use OAuth 2.0 in your application, you must first generate an OAuth 2.0 client ID by specifying some branding information for your project. Your application uses this client ID when requesting an OAuth 2.0 access token
Specify branding information about your application in the Console's API Access pane. If your project does not yet have an OAuth 2.0 client ID, then you can specify branding information by clicking the "Create an OAuth 2.0 client ID" button, as shown below.

The next window that appears prompts you to enter your application's name (as it would appear to your end customer), and to specify a logo for your application. The only required item is the application's name; however, Google recommends specifying both a name and a logo, if possible. 

The values you specify here are shown to your application's users via the OAuth 2.0 consent page. For more information, see the OAuth 2.0 documentation.
When you're done entering branding information, click Next to choose an application type.
Note: You can change the branding information later by clicking the "Edit branding information" button in the Console's API Access pane, as shown below:

Choosing an application type-
The next step in creating a client ID is indicating what type of application you're creating.

Web applications client id [For Ideascale we are using this type of OAuth client ID]
 
you must specify the site or hostname like following:
 
http://[community host]/a/admin/gapps/auth-return
 
After create web application client id will get following:

Manage third party OAuth Client access

 
To manage third party OAuth client access, log in to your admin account and select Security. If you do not see Security listed, select More controls and then Security from the options shown in the gray box. Select Advance settings, and then select Manage third party OAuth Client access.

User will get following screen:

Add following API scope corresponding client ID:
 https://www.googleapis.com/auth/admin.directory.user
 
 #Configure Google apps setting from community
 
Turn On Google Apps Integration from Community Settings>>Security>>Single SignOn Settings

Provide the following details:
 1. Google Apps Domain
 2. Google Apps Admin Email
          and Save Changes

Did this answer your question?