Seqrite Data Privacy Staging

Google Drive/Gmail

Print Friendly, PDF & Email

To add Google Drive or Gmail instance as a connector in Seqrite Data Privacy, complete the following prerequisite step:

Adding scope and APIs for Google Cloud and Google Admin Console

Steps for adding scope and APIs for Google Cloud anf Google Admin Console:

  1. Create Project
  2. Enable API
  3. Create Credentials
  4. Add Scope
  5. Add Google Connector Configuration in Seqrite Admin Console

1. Create Project

  1. Sign in to the Google Cloud Console (https://console.cloud.google.com/)
  2. Select New Project from the projects drop down.
  3. Click Create Account.
  4. If email address is not available, click Don’t have an email address?
  5. Enter basic details and password.
  6. Verify using a phone number, accept the terms and condition from browser and click Agree and continue.

  7. Click Select a project
  8. Enter project name and click Create.

2. Enable API

  1. In the left navigation menu, click API & Services.
  2. Click +Enable API & Services.
  3. Search and enable following APIs:
    • Gmail
    • Google Drive
    • Admin SDK API
  4. Select Gmail API and click Enable.

    The Gmail API is enabled.

  5. Select Google Drive API and click Enable.

    The Google Drive API is enabled.
  6. Select Admin SDK API and click Enable.

    The Admin SDK API is enabled.

3. Create Credentials

  1. Under API & Services, navigate to Credentials tab.
  2. Click Create Credentials and choose Service account.

  3. Enter required fields.

  4. Leave the optional steps and Click Done.
  5. Click Edit in the Service Accounts section and go to Keys tab.

  6. Click Create new key.

  7. Choose key type as JSON and click Create.


    The JSON file will get downloaded.

4. Adding Scopes

  1. Navigate to Google Domain wide Delegation.(https://admin.google.com/ac/owl/domainwidedelegation)
  2. In the left pane, click Security >> Access and Data Control >> API Controls.
  3. Under Domain wide delegation click Manage Domain Wide Delegation.

  4. Click Add New, enter the clientId (you can find this value inside the JSON credentials file that you downloaded from the Google Cloud Console in the previous step).


  5. Add following scopes under scope:
    • https://www.googleapis.com/auth/gmail.labels
    • https://www.googleapis.com/auth/gmail.readonly
    • https://mail.google.com/
    • https://www.googleapis.com/auth/admin.directory.user.readonly
    • https://www.googleapis.com/auth/drive.readonly
    • https://www.googleapis.com/auth/drive.file
    • https://www.googleapis.com/auth/drive

    6. Note:

    • In Domain-Wide Delegation, scopes define the administrator-approved permission boundaries that control what a service account can do while acting on behalf of users—without requiring individual user consent.
    • You do not need to add all APIs—configure Google Drive connectors only when adding a Google Drive connector, and Gmail APIs only when adding a Gmail connector.

Scope and Their Purpose

Gmail Scope

  1. https://www.googleapis.com/auth/gmail.readonly
    • Purpose: Read emails only
    • Used for: Listing messages, Reading subject/body/from/to, Reading threads
  2. https://www.googleapis.com/auth/gmail.labels
    • Purpose: Work with Gmail labels
  3. https://mail.google.com/
    • Purpose: Full Gmail access

Admin Directory Scope

  • https://www.googleapis.com/auth/admin.directory.user.readonly
    • Purpose: That scope belongs to Admin SDK → Directory API.
      It is used to read Workspace user details.
    • Used for: Fetching users list, Validating user emails, Looking up user details (name, email, status)

Drive Scopes

  1. https://www.googleapis.com/auth/drive.readonly
    • Purpose: Read Drive files only
  2. https://www.googleapis.com/auth/drive.file
    • Purpose: Working only with files the app created/was given access to
  3. https://www.googleapis.com/auth/drive
    • Purpose: Full Drive Access

Add Google Connector Configuration in Seqrite Admin Console

Follow these steps to configure Google Drive/Gmail as a Connector:

  1. In the left navigation pane, click Discovery and Classification and then click Connectors.

    2. Configured Data Sources page is displayed.

  2. Select Google Drive from the configured data source list, and then click Add Instance.
  3. Enter Basic Instance Details and Owner details:
    • Name
    • Admin Email
    • Description
    • Process
    • JSON Credential details
      Note:The Json file downloaded from the Service Account needs to be added under the Json Credentials

    • Data Source Owner: The person who owns the data source and makes technical decisions about it.
    • Business Owner: The person who is responsible for the business decisions about the data source.

  4. Click Check Connection.

    5. If the provided details are accurate, the connection with Google Drive will be established successfully.

  5. Click Next.
  6. Enter the Data Source Scan Availability details.
    This setting defines when the data source is available for on-demand scan, re-indexing scan, or deep scan.

    • Availability: Monthly, weekly or daily
    • Scan Days
    • Available Time

  7. Click Next.
  8. Enter Scan Schedule/Scan Frequency details:
    • Scan Frequency
    • Deep Scan Frequency
      Note:

      • The data source will be available for scanning monthly on selected date.
      • The data source will be scanned based on the user‑defined interval. A deep scan will be performed after the number of scan cycles specified by the user.

  9. Click Add Instance.
    Instance of the data source is added successfully.
Was this page helpful?
Yes No