Skip to content

Google

SaaS Management integrates directly with Google, so you can view all user activity within the application. The integration gives you the usage data you need to make informed decisions on inactive licenses and any renewal or purchasing options. For example, you can view the number of users who accessed Google within a given time range to determine if their licenses are needed. You can also audit apps that have access to your G-Suite.

Integrating with Google

SaaS Management must have Super Admin access to authenticate with Google.

Note

Before you integrate the applications, make sure you have signed out of your individual account within your organization and are signed in to the appropriate service account with the required permissions.

  1. From the SaaS Management navigation menu, select Integrations.
  2. Select the Google tile.
  3. Select Add Integration.
  4. Sign in to your Google account with the appropriate permissions.
  5. Select Allow to accept the requested permissions and complete the integration.

Required Permissions

SaaS Management requires Super Admin access to pull usage data for Google users. SaaS Management requires super admin functionality to read third-party authentications of other users within the organization.

You can authorize with a delegated admin permission, but you will not see any data in SaaS Management's compliance offering.

Requested Scopes

SaaS Management requests the following scopes:

Scope Description
https://www.googleapis.com/auth/userinfo.profile View your basic profile information.
https://www.googleapis.com/auth/userinfo.email View your email address.
https://www.googleapis.com/auth/admin.directory.orgunit.readonly View organization units on your domain.
https://www.googleapis.com/auth/admin.directory.user View users on your domain.
https://www.googleapis.com/auth/admin.directory.user.security View and manage OAuth permissions for users on your domain.
https://www.googleapis.com/auth/admin.reports.audit.readonly View audit reports for your G-Suite domain.
https://www.googleapis.com/auth/admin.reports.usage.readonly View usage reports for your G-Suite domain.
https://www.googleapis.com/auth/apps.licensing View G-Suite licenses for your domain.

User Metadata

SaaS Management pulls the following user metadata from Google. You can filter your usage data by these fields:

Field Description
Admin Indicates whether a user is a Super Admin.
Archived Indicates whether a user is archived.
Delegated Admin Indicates whether the user is a delegated administrator.
Enforced In 2SV Indicates whether 2-Step verification is enforced.
Enrolled In 2SV Indicates whether the user is enrolled in 2-Step verification.
Mailbox Set Up Indicates whether the user's Google mailbox is created.

Note: This property is only applicable if the user has been assigned a Gmail license.
Organizational Units The organizational group that the administrator added the user to. By default, users are placed in the top-level (parent) organizational unit.
Suspended Indicates whether the user's account is suspended.
Suspended Time The time the user was suspended. This field will only have a value if the user is suspended.
Suspension Reason The reason why an administrator or Google suspended the user's account.