Google Gsuite

Zercurity can connect to your Google G-suite workspace to provide both SSO integration but also automatic asset association of your system users.

Create integration

../../_images/integrations_google.gsuite.png

Auth scopes

Zercurity requires access to a number scopes within your Google account in order to be effective.

Scope

Description

userinfo.email

Access to the accounts email address is required to either associate a Zercurity account to a Google account or create a new one.

userinfo.profile

Fetch profile information including full name.

openid

admin.directory.user.readonly

Read access to all organisation user information.

admin.directory.user.alias.readonly

Read access to all user alias, we mainly use this for linking together users with multiple addresses.

admin.directory.group.readonly

Read access to all organisation group information.

admin.directory.group.member.readonly

Read access to all organisation group membership information. This information is used to replicate your organisational structure within Zercurity.

admin.directory.rolemanagement.readonly

This information is used to link account and IAM roles within Zercurity automatically.

admin.directory.orgunit.readonly

Read access to group information

admin.directory.device.chromeos.readonly

Read access to devices. Used to enrich network information and discovered assets.

admin.directory.device.mobile.readonly

Read access to devices. Used to enrich network information and discovered assets.

admin.reports.audit.readonly

Read access to audit data. This used to provide contextual information around security events within Zercurity to and from Google G-suite