# G Suite Configuration
This session shows how to configure group, user and role in G Suite.
# Prerequisite
We assume that you already have a OAuth consent screen (opens new window) and Credential (opens new window) created. If not, you can reference Google for help.
Please make sure you save the Client ID and Client Secret.
Notice that we need to turn OAuth consent screen to Internal. In this mode, your app is limited to G Suite users within your organization.
# Create Groups and Users
1.Create a Group
Go to Google Admin console (opens new window).
Select Group:
Click Create group:
Input basic information and click Next:
keep the default value and click CREATE GROUP:
2.Create a User
Back to Google Admin console homepage and select Users:
Click Add new user and input basic information, then click ADD NEW USER:
Refresh the page and the new added user will be shown.
3.Add User to Group
Click Add to groups:
Select the group and click ADD:
# Assign Role to the user
1.Create Read Only Role
Select Admin roles in Google Admin console:
Click Create new role:
Input name and description(optional) of the role and click CONTINUE:
Select privileges for the role. In the Admin API privileges table, select Read for Users and Groups, then click CONTINUE:
Review the selected privileges and click CREATE ROLE:
2.Assign Role
Click ASSIGN ROLE:
Click Assign users:
Select the user and click ASSIGN ROLE 
# Summary
We have shown how to create group, user and role on G Suite. Please make sure to save the following two values for later setting in Datawiza Cloud Management Console.
- Client Id
- Client Secret