Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

Google Apps

This documentation for the Google Apps integration describes the technical capabilities of this integration, including authorization, scopes/permissions, and utilized endpoints. For more information on how to integrate Google Apps, visit our connection instructions.

Version

This integration utilizes the Google Apps Reports REST API v1.

Base URL

The base URL used for all Google Apps API endpoints:
https://www.googleapis.com/admin/reports/v1

Authentication & Authorization

The DataGrail Google Apps integration connects using OAuth 2.0.

Scopes

The Google Apps integration requires specific scopes that must be granted in order to function for a given capability.

ScopeSystem Detection
https://www.googleapis.com/auth/admin.reports.audit.readonly

Endpoints Utilized

DataGrail uses the following endpoints to authorize and test the connection:

MethodEndpointPurposeDocs
POST/activity/users/all/applications/tokenGet and refresh access token
GEThttps://accounts.google.com/o/oauth2/v2/authRequest authorization
POSThttps://www.googleapis.com/oauth2/v4/tokenGet and refresh access token

Limits

Limits in Google Apps are calculated using the leaky bucket algorithm. All requests that are made after rate limits have been exceeded are throttled and an HTTP 429 Too Many Requests error is returned. Requests succeed again after enough requests have emptied out of the bucket.

  • DataGrail supports requests throttling to stay within 70-80% of specified service rate limits.
  • DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

Capabilities

System Detection

DataGrail provides continuous system detection, delivering a real-time inventory of your data assets.

Data Interactions

DataGrail's System Detection process runs once daily and performs the following actions:

  1. Retrieve all authorization token “authorize” events for a domain. After the initial connection, DataGrail fetches the last 3 months of events. Moving forward, DataGrail fetches new events from after the last processed event.

Endpoints Utilized


 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.