Required Permissions

Note
When the connector is configured using client credentials, the refresh token holds the scopes and permissions.

The necessary permissions to manage Google Workspace connector are :

Roles assigned to an Impersonated user on the Google managed system.
Permissions assigned to Service Account Scopes.

Important
The impersonated user should be the IAM User and not the Service Account.

To perform necessary connector operations, refer to the following for minimum Service Account Scopes and Roles for Impersonate User:

Service Account Scopes and Built-in Roles for Impersonate User
Service Account Scopes and Custom Roles for Impersonate User

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Required Permissions

Documentation Feedback