Google Gsuite

Zercurity can connect to your Google G-suite workspace to provide both SSO integration but also automatic asset association of your system users.

Create integration

../../_images/integrations_google.gsuite.png

Auth scopes

Zercurity requires access to a number scopes within your Google account in order to be effective.

Scope Description
userinfo.email Access to the accounts email address is required to either associate a Zercurity account to a Google account or create a new one.
userinfo.profile Fetch profile information including full name.
openid  
admin.directory.user.readonly Read access to all organisation user information.
admin.directory.user.alias.readonly Read access to all user alias, we mainly use this for linking together users with multiple addresses.
admin.directory.group.readonly Read access to all organisation group information.
admin.directory.group.member.readonly Read access to all organisation group membership information. This information is used to replicate your organisational structure within Zercurity.
admin.directory.rolemanagement.readonly This information is used to link account and IAM roles within Zercurity automatically.
admin.directory.orgunit.readonly Read access to group information
admin.directory.device.chromeos.readonly Read access to devices. Used to enrich network information and discovered assets.
admin.directory.device.mobile.readonly Read access to devices. Used to enrich network information and discovered assets.
admin.reports.audit.readonly Read access to audit data. This used to provide contextual information around security events within Zercurity to and from Google G-suite