When installing the Virtru Marketplace app for your domain, you will be asked to grant permissions to your domain directory objects. This installation allows Virtru to reach into your Google Workspace domain to gather the identity objects associated with users.
As a data privacy company, we share your concerns about application security. Virtru only requires information needed to properly integrate with your email on Google Workspace. In this article, we detail the exact permissions required.
At a high-level, the synchronization allows Virtru to:
- Handle aliases - Knowing that a primary userid should have access to encryption keys association for messages sent to aliases
- Identify Google Group membership - knowing that a userid should have access to encryption policies associated with Google Groups
- OU membership - Being able to enforce settings and rules by OU
- Administration Capability - Identify Google Workspace administrators that can request encryption keys on behalf of users on the domain
- Delegated inboxes - Allow delegated users to decrypt messages on behalf of delegates.
You will notice that Virtru is not asking for permission to reach into Google Workspace mailboxes for content. All encryption and decryption occur in Virtru clients and at no time does Virtru's SaaS have access to your content. As we noted, this Marketplace app must be enabled for all users on the domain. If you subset the app to an OU, we are unable to pull in Google Group information since these live outside of the OU structure. This will cause the synchronization to fail behind the scenes.
We are using the Manage Users endpoint in the Google Workspace Directory API. We specifically filter for:
- aliases
- List of the user's alias email addresses
- customerId
- The customer ID to retrieve all account users. You can use the alias my_customer to represent your account's customerId. As a reseller administrator, you can use the resold customer account's customerId. To get a customerId, use the account's primary domain in the domain parameter of a users.list request
- emails
- A list of the user's email addresses
- isAdmin
- Indicates a user with super administrator privileges
- nonEditableAliases
- List of the user's non-editable alias email addresses. These are typically outside the account's primary domain or sub-domain
- orgUnitPath
- The full path of the parent organization associated with the user. If the parent organization is the top-level, it is represented as a forward slash (/)
- primaryEmail
- The user's primary email address. This property is required in a request to create a user account. The primaryEmail must be unique and cannot be an alias of another user
This API dictates the permissions that must be granted to use the Directory API. The Marketplace app will specifically ask for permissions
To gain access to these objects, the Virtru Marketplace requests permissions to:
- View domains related to your customers
- View domain aliases and multi-domains (secondary domains) for your customers
- View groups on your domain
- View details (e.g., name, members) and metadata (e.g., login details) of groups on your domain
- View organization units on your domain
- View metadata (e.g., name and description) of organization units
- View users on your domain
- View details (e.g., name, address, and phone number) and metadata (e.g., login details) of users on your domain
- Know the list of people in your circles, your age range, and language
- View the list of people you've connected to on Google+ and view your age range, and language
- Know who you are on Google
- This app is requesting permission to associate you with your public Google profile
- View your email address
- View the email address associated with your account
- View your basic profile info
- View your full name, profile picture and profile URL. View any publicly available information on your Google+ profile (if you have one or create one in the future) Learn more about your Google+ profile