Google Integration Guide

Amir Avitzur
Amir Avitzur
  • Updated

Integrating Google with Authomize

Integration with Google provides visibility about your organization’s identities and assets and their access across all of your Google stack, such as your cloud resources in GCP, your data in Google Drive, and your identities and their connected applications in your Google Admin Directory.

Google integration workflow



Start in Authomize

  1. Log into Authomize
  2. Go to Settings/Data Sources and click Google Admin Directory.
  3. Alternatively, click Add New App and then select the Google Admin Directory.

This opens the Update Google Cloud Platform Integration dialog.

  1. In the Integrate Google Cloud Platform dialog:

          Step 1.  Click Go to Google store.
          This open’s Google’s Marketplace (to the Authomize page).

Continue in Google Marketplace

  1. On the Authomize page in GCP Marketplace (
    click Admin Install.

If you agree to installing Authomize across your Google Workspace, click Continue.

  1. At this point, a list of all the permissions needed by Authomize for the integration are displayed.
    To continue, click the agree checkbox and then click FINISH.

Note: You can use GCP to limit these further.

  1. If, at this point, you go to Google Apps (Google_Apps_Button_25x25.png), you will see that Authomize was installed.
      13_Authomize_Installed_on_Google_Notice.png 14_Authomize_Installed_on_Google_Apps.png

Return to Authomize GCP Integration page

  1. Fill in the remaining steps with info from GCP.

 Step 2. Enter GSuite admin email address and Organization ID.

You can find your Customer ID at:

Step 3. Check/uncheck the Allow Authorize to update access policies.

Step 4. Enter a name for this integration

Step 5. Enter an integration owner’s email.

Click Integrate.

5.  Integration will continue in the background. You can come back to check any time
     When Google is integrated you will see three entries in your Connected Apps list.


What data is collected

Google Admin Directory

  • User Data
    • User name
    • User admin roles
    • Last login
  • User Groups
    • Group name
    • Group member name

Google Cloud Platform

  • Cloud Assets
  • GCP Account
  • Server Names

Google Drive

  • Personal drives
  • Shared drive
  • Files/Folders permissions
  • Who has access to them

Google Calendar

  • Personal calendar names
  • Shared calendar names
  • Who can see calendars

Enabling Write Access (File Share Removal Policies)

In order to enable file-sharing policies to take automatic remediation actions, Authomize needs write access to Google Drive. To do so:

  1. Log in to Google Admin console:
  2. Security -> Access and data control -> API controls -> Domain-wide Delegation
  3. Click on Add new and add the following details:
    • Client ID: 117121108233648975035
    • OAuth scopes:


This additional set of permissions is used solely for revoking file shares. 

Share this

Was this article helpful?

0 out of 0 found this helpful