Skip to main content
Contact Support

Instructor, no.

Incydr Professional, Enterprise, Horizon, and Gov F2, yes.

Incydr Basic, Advanced, and Gov F1, yes.

HOME
GETTING STARTED
RELEASE NOTES
FAQs
APIs
SYSTEM STATUS
Code42 Support

Permissions required for the Gmail connector

  1. Last updated
  2. Save as PDF

Overview

When you connect Code42 to Gmail, you grant certain permissions to Code42 in your Gmail environment. This article lists the permissions Code42 requires as well as what those permissions allow Code42 to do in your Gmail environment.

Gmail permissions

Permissions your Google Workspace administrator needs

Code42 uses API client access to connect to and monitor file activity in your Google environment. In order to grant third-party services or applications domain-wide delegation or manage API client access in the Google Admin console, you must be a Google Workspace administrator that has the Super Admin role. Code42 cannot collect data from your Google environment when the connection is authorized by a Google Workspace administrator without this role.

Permissions the Code42 service account needs

When a user emails an attachment, we collect information about the attached file and the sender and recipients for the email. To see this file activity, Code42 requires access to your Gmail environment. 

In the configuration steps when you connect Code42 to Gmail, Code42 provides the client ID and scopes for you to enter in your Google Admin console. Code42 uses the following scopes

Copied!
https://www.googleapis.com/auth/admin.directory.domain.readonly
https://www.googleapis.com/auth/admin.directory.customer.readonly
https://www.googleapis.com/auth/admin.directory.group.member.readonly
https://www.googleapis.com/auth/admin.directory.user.readonly
https://www.googleapis.com/auth/gmail.readonly

This set of permissions means Code42 has read-only access to metadata for emails, attached files, and users within that email service. In other words, Code42 cannot make changes to the emails, data, or users in your email environment. In addition, Code42 does not monitor the contents of those files, and does not back up files in the email service.

External resources

Google documentation

Related topics

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
    Available in CrashPlan Cloud
    No
    Available in other/on-premises product plans
    No
    Available in Incydr Basic and Advanced
    Yes
    Available in Incydr Pro, Enterprise, and Horizon
    Yes
    Available in Instructor
    No
    Available in CrashPlan for Small Business
    No
  2. Tags
    This page has no tags.