GMail Direct Connection

Background

The Worklytics platform collects and analyzes workplace data at the instruction of Customer Organizations on their behalf, in accordance with our Privacy Policy, Terms of Service, and any customer agreement / laws / regulations which may supersede those terms. The Customer Organization remains the controller of this data and may instruct Worklytics to halt processing and destroy it at any time.

“Data Connectors” conceptualize the collection of workplace data, representing the connection via which Worklytics will collect data from a single data source.

GMail Data Usage

GMail is one data source from which Worklytics collects data for Customer use.

The Worklytics GMail Connector also requires that the Worklytics GSuite Directory Connector be connected to the same Google Workspace tenant (domain).

Worklytics requires the following OAuth scopes to collect GMail data:

  • GMail metadata https://www.googleapis.com/auth/gmail.metadata

Worklytics will also use the data provided via the Worklytics GSuite Directory Connector in support of analysis of GMail data:

  • Admin Directory User - readonly https://www.googleapis.com/auth/admin.directory.user.readonly This scope is used by Worklytics to be able to iterate users within a G Suite organization (tenant), as GMail messages must be queried by user.

  • Admin Directory Group / Group Members - readonly https://www.googleapis.com/auth/admin.directory.group .readonly and https://www.googleapis.com/auth/admin.directory.group.member.readonly. Directory Groups serve as mailing lists. To properly perform analytics, we need to be able to expand mailing lists on email messages. Eg, an email to nyc@worklytics.co we need to understand was to a mailing list of people, and who those people are.

  • Admin Directory User Aliases - readonly https://www.googleapis.com/auth/admin.directory.user.alias.readonly G Suite users commonly have aliases (alternative email addresses). We need to understand these to properly attribute mail to individuals and link up their accounts across tools.

  • Default G Suite Permissions openid, https://www.googleapis.com/auth/userinfo.email, and https://www .googleapis.com/auth/userinfo.profile grant Worklytics access to profile information about the user making the grant. Google requires that all OAuth grants include these scopes. We use them only to identify the tenant to which the user has connected Worklytics.

Connection

GMail is connected via OAuth 2.0 from the Data Connections screen (for US customers/for EU customers) in Worklytics, a G Suite admin must click "Add Connection" then complete the G Suite O Auth instructions to grant Worklytics access to an organization's data. In this flow, a G Suite Admin must explicitly grant the connector data access via the G Suite Admin console.

PreviousDirect ConnectionsNextGMail Data Inventory

Last updated

Company

AboutSecurityPrivacy PolicyTerms of Service

Resources

BlogIntegrationsService StatusSupport

© Worklytics Co.