Google Workspace (G Suite)

Google Workspace Integration Guide

Introduction

Google Workspace (G Suite) is a powerful suite of tools that helps teams collaborate and communicate effectively. It can be integrated with a variety of other tools to streamline workflows and improve efficiency. This guide will walk you through the steps required to integrate Google Workspace with Perimeters.

Available Features

  • Misconfiguration Rules

  • Identity Rules

  • User Inventory

  • User Status

  • Devices Inventory

  • Third Party Application Rules

Prerequisites

  • A Google Workspace (G Suite) Business Starter subscription or higher.

  • A user account within the Google Workspace instance with the required privileges, or alternatively, a Super Admin account.

Required Privileges

Scope
Use

https://www.googleapis.com/auth/userinfo.email

See your primary Google Account email address

https://www.googleapis.com/auth/userinfo.profile

See your personal info, including any personal info you've made publicly available

https://www.googleapis.com/auth/directory.readonly

See your organization's GSuite directory

https://www.googleapis.com/auth/admin.directory.user.readonly

See info about users on your domain

https://www.googleapis.com/auth/admin.directory.user.security

Read permissions for users on your domain

https://www.googleapis.com/auth/admin.directory.rolemanagement.readonly

View delegated admin roles for your domain

https://www.googleapis.com/auth/admin.directory.group.readonly

View groups on your domain

https://www.googleapis.com/auth/admin.directory.device.mobile.readonly

View your mobile devices' metadata

https://www.googleapis.com/auth/admin.directory.device.chromeos.readonly

View your ChromeOS devices' metadata

https://www.googleapis.com/auth/admin.directory.domain.readonly

View domains related to your customers

https://apps-apis.google.com/a/feeds/domain/

View Google Single Sign On information

https://www.googleapis.com/auth/apps.groups.settings

View the settings of a G Suite group

https://www.googleapis.com/auth/admin.reports.audit.readonly

View audit reports for your G Suite domain

https://www.googleapis.com/auth/gmail.readonly

View your email messages and settings

https://www.googleapis.com/auth/gmail.metadata

View your email message metadata such as labels and headers, but not the email body

Onboarding Google Workspace (G Suite) in your Perimeters account

  1. Go to "Integrations" -> Select "Google Workspace" -> Click "+ Add" -> Click "+ Start Integration".

  2. "OAuth" - Click "Sign in with Google" -> Check all the scopes checkboxes and click on "Continue".

  3. Click "Finish" to complete the onboarding process.

Once you have completed these steps, Google Workspace (G Suite) should be successfully integrated with your Perimeters account.

Note : Perimeters uses and transfers information using Google APIs. It does so in accordance with its privacy policy and in compliance with the Google API Services User Data Policy.

Shadow Application

Perimeters.io is a SaaS Security platform designed to help organisations secure their cloud applications.

When a user grants Perimeters.io access to read organisational email metadata, our platform scans the metadata across the entire organization to detect and identify unauthorized or unmanaged SaaS application usage (also known as Shadow IT). Perimeters.io only accesses email metadata, ensuring the security of the email content.

This process provides visibility into third-party applications being used within the organization, helping IT and security teams understand potential risks and take corrective action.

Perimeters.io offers users a clear, secure, and easy-to-use interface to manage application security, monitor SaaS usage, and improve their overall security posture — without requiring login access to view detailed documentation and the purpose of the application.

Prerequisite : Authenticate using the Admin user. (Important : To verify and update user's privileges with required privileges).

Option 1

1) Go to Google Workspace Admin Console -> Security -> Access and data control -> API Controls -> Manage Domain wide delegation. 2) Click -> Add New Client -> Google Consent form should be presented to you with request to grant required privileges. and add clientId as - 100221390259535224628.

3) Examine the permissions and select 'Continue' to grant authorization for your integration.

OR

Option 2

1) Go to App Link

2) Click on Admin Install Perimeters Shadow App

3) On successful installation of Google App return to Perimeters. io portal.

Scope

https://www.googleapis.com/auth/gmail.metadata

https://www.googleapis.com/auth/admin.directory.user.readonly

PreviousGitlabNextHubspot

Last updated