Google Workspace (G Suite)
  • 2 Minutes To Read
  • Print
  • Share
  • Dark

Google Workspace (G Suite)

  • Print
  • Share
  • Dark

Google Workspace (formerly G Suite) is a collection of cloud computing, productivity, collaboration, device, user, and data management tools developed by Google.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Users


To connect Axonius to Google Workspace you need to:

  1. Enable Cloud APIs
  2. Create a service account and grant permissions to that service account


  1. Email of an admin account to impersonate – The email of your Google Workspace (G Suite) admin.
  2. JSON Key pair for the service account – Upload the JSON file you have created for your service account. For more details, see the sections below.
  3. Get OAuth Apps - Check this to fetch the OAuth applications used by each user.
This data requires the following additional privilege to your Google Workspace (G Suite) admin account:
  1. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.


Advanced Settings

  1. Fetch MDM devices (required, default: True) - Select whether to fetch MDM devices from Google Workspace.
    • If enabled, all connections for this adapter will fetch MDM devices.
    • If disabled, all connections for this adapter will not fetch MDM devices.

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Enabling Cloud APIs

To enable the Cloud APIs:

  1. Go to the Google Cloud Console and select the project that you want Axonius to connect to.

  2. Go to APIs & Services -> Dashboard.

  3. Axonius requires the 'Admin SDK' API. Verify that it appears in the list.

If it does not appear in the list, click Enable APIs and Services at the top of the screen, search for Admin SDK. Then click Enable.

Creating a Service Account

To create a service account:

  1. Go to the Google Cloud Console and select the project that you want to create the service account in.

  2. Go to IAM & admin -> Service accounts.

  3. Click Create Service Account and fill in the details.

  4. In the next tab, continue without setting any roles.

  5. Next, click Create Key and create a JSON type key:

  6. Your JSON key will be downloaded. Finish creating the user and go back to the service accounts screen.

  7. Click on the newly created service account and then click the Edit link in the top.

  8. Click Show Domain-Wide Delegation and select Enable G Suite Domain-wide Delegation.

  9. Click Save to finalize the changes.

  10. Go back to the service accounts list. you can now view the client-id for the service account. Copy it.

  11. Open the G Suite Admin Panel and search for Manage API Client Access, then open it.


  1. In the client name field , specify your client id of the service account. In the One or More API Scopes section, specify these scopes:,

if you would like to fetch OAuth applications, add the scope to the list above.


  1. Click Authorize.
Was This Article Helpful?