Zercurity can connect to your Google G-suite workspace to provide both SSO integration but also automatic asset association of your system users.
Zercurity requires access to a number scopes within your Google account in order to be effective.
|userinfo.email||Access to the accounts email address is required to either associate a Zercurity account to a Google account or create a new one.|
|userinfo.profile||Fetch profile information including full name.|
|admin.directory.user.readonly||Read access to all organisation user information.|
|admin.directory.user.alias.readonly||Read access to all user alias, we mainly use this for linking together users with multiple addresses.|
|admin.directory.group.readonly||Read access to all organisation group information.|
|admin.directory.group.member.readonly||Read access to all organisation group membership information. This information is used to replicate your organisational structure within Zercurity.|
|admin.directory.rolemanagement.readonly||This information is used to link account and IAM roles within Zercurity automatically.|
|admin.directory.orgunit.readonly||Read access to group information|
|admin.directory.device.chromeos.readonly||Read access to devices. Used to enrich network information and discovered assets.|
|admin.directory.device.mobile.readonly||Read access to devices. Used to enrich network information and discovered assets.|
|admin.reports.audit.readonly||Read access to audit data. This used to provide contextual information around security events within Zercurity to and from Google G-suite|