Fix links and add more info

Maddy-Cloudflare · Maddy-Cloudflare · commit d1d951c9a7b8 · 2024-11-14T12:34:32.000Z
diff --git a/src/content/docs/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/gmail-bcc-setup/enable-gmail-integration.mdx b/src/content/docs/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/gmail-bcc-setup/enable-gmail-integration.mdx
@@ -8,17 +8,16 @@ sidebar:
 To enable Gmail BCC integration:
 
 1. Log in to [Zero Trust](https://one.dash.cloudflare.com/).
-2. Select **Zero Trust**.
-3. Select **Email Security**.
-4. Select **Monitoring**: If you have not purchased Email Security, select **Contact Sales**. Otherwise, select **Set up**.
-5. Select **BCC/Journaling**.
-6. Select **Integrate with Google** > **Authorize**.
+2. Select **Zero Trust** > **Settings**.
+3. Select **SaaS Integrations**.
+4. Select **Add integration** > **Google Workspace**.
+5. Select **Select Integration**.
 
 ## Create an integration
 
 1. Name your integration, then select **Next**.
 2. Create a Service Account in your GCP Project:
-    1. On the [Google Cloud Console](https://console.cloud.google.com/welcome/new), select **Credentials**.
+    1. On the [Google Cloud Console](https://console.cloud.google.com/welcome/new), go to the sidebar, select **APIs & Services**, then select **Credentials**.
     2. Select **CREATE CREDENTIALS** > **Service account**.
     3. Fill in the details to create a service account:
         - **Service account name**: Enter `Message Retraction Service Account`.
@@ -27,7 +26,7 @@ To enable Gmail BCC integration:
         - Select **CREATE AND CONTINUE**.
     4. In **Grant this service account access to project**, select **Select a role** > Choose **Owner**. Select **CONTINUE**, then select **DONE**.
     5. Go back to **Credentials** on the sidebar, and select your service account under **Service Accounts**. In **Details**, take note of the **Unique ID**.
-    6. Select **Advanced settings** > **VIEW GOOGLE WORKSPACE ADMIN CONSOLE**, then enter your password.
+    6. Select **Advanced settings** > **VIEW GOOGLE WORKSPACE ADMIN CONSOLE**, then enter your password. This will redirect you to the Google admin portal.
     7. On the sidebar, select **Security** > **Access and data control** > **API controls** > Select **MANAGE DOMAIN WIDE DELEGATION**.
     8. Select **Add new** > Add a new client ID:
         - **Client ID**: Enter the **Unique ID** you took note of in step 5.
@@ -37,27 +36,30 @@ To enable Gmail BCC integration:
             https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.user.alias.readonly, https://www.googleapis.com/auth/gmail.labels, https://mail.google.com/
             ```
         - Select **AUTHORIZE**.
-3. **Create a JSON Key for your Service Account**:  
-    - On the sidebar, select **Service Accounts**.
+3. **Create a JSON Key for your Service Account**: 
+    - On the [Google Cloud Console](https://console.cloud.google.com/welcome/new), select **Service Accounts** on the sidebar:
     - Select the three dots, then:
         - Select **Manage keys**.
         - Select **ADD KEY** > **Create new key**.
         - Select **JSON** > Select **CREATE**. This downloads a `.json` file which you will use at a later stage.
-4. **Upload JSON Key**: Upload the `.json` file downloaded from step 3.
-5. **Enable Necessary Google Workspace APIs in GCP**: Select the links below to enable each API:
+4. **Upload JSON Key**: On the [Zero Trust dashboard](https://one.dash.cloudflare.com/), upload the `.json` file downloaded on step 3.
+5. **Enable Necessary Google Workspace APIs in GCP**: Enable the following APIs on the Google Cloud Console:
     - [Enable Google Calendar API](https://console.cloud.google.com/apis/library/calendar-json.googleapis.com?project=winter-surf-439414-h1)
     - [Enable Google Drive API](https://console.cloud.google.com/apis/library/drive.googleapis.com?project=winter-surf-439414-h1)
     - [Enable Google Admin SDK API](https://console.cloud.google.com/apis/library/admin.googleapis.com?project=winter-surf-439414-h1)
     - [Enable Gmail API](https://console.cloud.google.com/apis/library/gmail.googleapis.com?project=winter-surf-439414-h1)
-    - [Enable Google Service Usage API]([https://console.cloud.google.com/apis/library/serviceusage.googleapis.com?project=winter-surf-439414-h1](https://console.cloud.google.com/apis/library/serviceusage.googleapis.com?project=winter-surf-439414-h1))
-6. **Log in to Google Workspace Admin Console**: Here, you will be given the service account Domain Wide Delegation from the admin console.
-7. **Create a Domain-Wide Delegation API Client**: Use the Client ID and copy the scopes to create a new API client. Refer to [Delegate domain-wide authority to your service account]([https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/google-alert-center?_gl=1*skktsb*_ga*MTMxODg5NDExMy4xNzI5NjA1MzYy*_ga_WH2QY8WWF5*MTcyOTc3MDg2Ny40LjEuMTcyOTc3MDg5OC4yOS4wLjA.#delegate_domain-wide_authority_to_your_service_account](https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/google-alert-center?_gl=1*skktsb*_ga*MTMxODg5NDExMy4xNzI5NjA1MzYy*_ga_WH2QY8WWF5*MTcyOTc3MDg2Ny40LjEuMTcyOTc3MDg5OC4yOS4wLjA.#delegate_domain-wide_authority_to_your_service_account)). Then, select **Next**.
+    - [Enable Google Service Usage API](https://console.cloud.google.com/apis/library/serviceusage.googleapis.com?project=winter-surf-439414-h1)
+6. **Log in to Google Workspace Admin Console**: Enter your password and log in to the Google Workspace Admin Console.
+7. **Create a Domain-Wide Delegation API Client**: 
+    - Copy the **Client ID** and **Scopes** displayed on the Zero Trust dashboard.
+    - On Google Admin, go to **Security** > **Access and data control** > **API controls**.
+    - Select **MANAGE DOMAIN WIDE DELEGATION** > **Add new**.
+    - Use the Client ID and copy the scopes to create a new API client. Refer to [Delegate domain-wide authority to your service account](https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/google-alert-center?_gl=1*skktsb*_ga*MTMxODg5NDExMy4xNzI5NjA1MzYy*_ga_WH2QY8WWF5*MTcyOTc3MDg2Ny40LjEuMTcyOTc3MDg5OC4yOS4wLjA.#delegate_domain-wide_authority_to_your_service_account). Then, select **Next**.
 8. **Confirm Workspace Administrator Email**: Enter the email associated with the Google Workspace Administrator account. Your email must match the email associated with your Google Workspace account, or else your integration will not work.
 9. Select **Create integration**.
 10. Once you created your integration, you will be redirected to the **Review details** page, where you will be able to review **Integration details**. 
 11. Review your details, then select **Complete Email Security set up** > **Continue to Email Security**.
 
-
 ## Next steps
 
-Now that you have created an integration, you will need to [connect your domains](/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/gmail-bcc-setup/connect-domains/) for Email Security to start scanning your inbox.
+Now that you have created an integration, you will need to [connect your domains](/cloudflare-one/email-security/setup/post-delivery-deployment/bcc-journaling/bcc-setup/gmail-bcc-setup/connect-domains/) for Email Security to start scanning your inbox.
