Connect via Custom Admin Role

Connect Google Workspace to Zluri using a custom admin role

If you wish to delegate Zluri’s Google Workspace integration to a user or group without Super admin credentials, you can assign them a custom admin role. This method requires more manual configuration, but gives greater control over the Zluri features you wish to use.

Prerequisites

  • A Google Workspace Business Starter, Business Standard, Business Plus, or Enterprise plan. You can find your payment plan by following these instructions.

Integration steps

Create a custom admin role

  1. Log in to the Admin Dashboard, and navigate to AccountsAdmin Roles in the left sidebar.

  1. Click Create new role.

  1. Give the role a name and description, and click Continue.

  1. In the Select privileges step, choose one set of permissions from the table below.

    Minimum required privileges: These are the minimum required privileges required for a connection. They enable features like user discovery, identifying opportunities for cost optimization, and fetching role information for conducting access reviews

    Maximum required privileges: These let you use every feature that Zluri offers including workflow-related actions such as automated onboarding and offboarding, access remediation, and running continuous optimization workflows.

Minimum required privilegesMaximum required privileges
Admin console privilegesOrganizational units: Read
Users: Read
Domain Settings
Reports
Security: User Security Management
Security: Security Setting
Organizational units: Read, Write
Users: Read, Write
Domain Settings
Reports
Security: User Security Management
Security: Security Setting
Admin API PrivilegesUser Security Management
Billing management: Billing Read
Domain Management
Groups: Read
License Management: License Read
Organization Units: Read
Domain Allowlist Management: Domain Allowlist Read
Users: Read
User Security Management
Billing management: Billing Read
Domain Management
Groups: Read, Write
License Management: License Read, License Write
Organization Units: Read, Write
Domain Allowlist Management: Domain Allowlist Read, Domain Allowlist Write
Users: Read, Write
  1. Click Continue, review the privileges, and click Create role.

Assign the role to a user or group

  1. Click Assign members.

  1. Search for users or groups that you wish to assign the role to, then click Assign role.

Connect Google Workspace to Zluri

  1. Visit the Integrations Catalog, search for “workspace”, and click ➕ Connect on the Google Workspace entry.

  1. Choose the scopes for the integration, and click Connect. You can click the down-arrow button towards the right of a scope to find out what it does.

  2. In the popup window, choose the account that you wish to connect to Zluri.

  3. Review the permissions and click Allow.

🚧

If you get a “This app is blocked!” error from Google Workspace, it might be due misconfigured third-party app access rules. See our help center article to resolve this.

  1. Give the connection a name and add a description. Click Save, and you’re ready to go!

Got questions? Feel free to submit a ticket or contact us directly at [email protected].