Connect via Custom Admin Role
Connect Google Workspace to Zluri using a custom admin role
If you wish to delegate Zluri’s Google Workspace integration to a user or group without Super admin credentials, you can assign them a custom admin role. This method requires more manual configuration, but gives greater control over the Zluri features you wish to use.
Prerequisites
- A Google Workspace Business Starter, Business Standard, Business Plus, or Enterprise plan. You can find your payment plan by following these instructions.
Integration steps
Create a custom admin role
-
Log in to the Admin Dashboard, and navigate to Accounts → Admin Roles in the left sidebar.
-
Click Create new role.
-
Give the role a name and description, and click Continue.
-
In the Select privileges step, choose one set of permissions from the table below.
Minimum required privileges: These are the minimum required privileges required for a connection. They enable features like user discovery, identifying opportunities for cost optimization, and fetching role information for conducting access reviews
Maximum required privileges: These let you use every feature that Zluri offers including workflow-related actions such as automated onboarding and offboarding, access remediation, and running continuous optimization workflows.
| Minimum required privileges | Maximum required privileges | |
|---|---|---|
| Admin console privileges | Organizational units: Read Users: Read Domain Settings Reports Security: User Security Management Security: Security Setting | Organizational units: Read, Write Users: Read, Write Domain Settings Reports Security: User Security Management Security: Security Setting |
| Admin API Privileges | User Security Management Billing management: Billing Read Domain Management Groups: Read License Management: License Read Organization Units: Read Domain Allowlist Management: Domain Allowlist Read Users: Read | User Security Management Billing management: Billing Read Domain Management Groups: Read, Write License Management: License Read, License Write Organization Units: Read, Write Domain Allowlist Management: Domain Allowlist Read, Domain Allowlist Write Users: Read, Write |
-
Click Continue, review the privileges, and click Create role.
Assign the role to a user or group
-
Click Assign members.
-
Search for users or groups that you wish to assign the role to, then click Assign role.
Connect Google Workspace to Zluri
-
Visit the Integrations Catalog, search for “workspace”, and click ➕ Connect on the Google Workspace entry.
-
Choose the scopes for the integration, and click Connect. You can click the down-arrow button towards the right of a scope to find out what it does.
-
In the popup window, choose the account that you wish to connect to Zluri.
-
Review the permissions and click Allow.
If you get a “This app is blocked!” error from Google Workspace, it might be due misconfigured third-party app access rules. See our help center article to resolve this.
-
Give the connection a name and add a description. Click Save, and you’re ready to go!
Got questions? Feel free to submit a ticket or contact us directly at [email protected].
Updated about 1 month ago