Connecting with Google Workspace

Modified on Wed, 14 Jun 2023 at 10:32 AM

To ensure secure access to your Google Workspace domain's data, ATTACK Simulator utilizes a service account that requires access permissions from a domain's super administrator. This guide will provide step-by-step instructions on how to delegate domain-wide authority to this service account.


The integration with third party domains can be easily done on ATTACK Simulator's integration page in just a few steps.


Step 1: Access the Domain-Wide Delegation Page


Start by logging into your Google Workspace domain. Once you are logged in, navigate to the Domain Wide Delegation page. You can manage the access permissions for different service accounts on this page.


Step 2: Add a New API Client


In the Domain Wide Delegation page, locate the section labeled 'API Clients'. Click on 'Add new' to start the process of adding a new client.


Step 3: Fill in the Client ID Field


In the Client ID field, enter the following value: 105397452979172431362. This is the unique identifier for the ATTACK Simulator's service account.


Step 4: Specify the OAuth Scopes


Next, you need to specify the OAuth Scopes. These scopes determine the level of access that the service account has to your Google Workspace data.


In the OAuth Scopes field, enter the following values:

https://www.googleapis.com/auth/admin.directory.user.readonly,https://www.googleapis.com/auth/admin.directory.group.readonly,https://www.googleapis.com/auth/gmail.modify


Each of these scopes grants read-only access to user and group data, as well as the ability to modify Gmail data (like adding emails in your users' inboxes).


Step 5: Authorize the Service Account


Once you have entered all the necessary information, click 'Authorize'. This action will grant the ATTACK Simulator's service account the permissions specified in the OAuth Scopes.


If everything works correctly, you should see the ATTACK Simulator app in your account, along with the authorized scopes. 


Step 6: Validate the Settings


After granting the permissions in your Google Workspace domain, head back to the ATTACK Simulator console to validate that the settings have been configured correctly. Please type your Google Workspace admin account email, click the 'I've added these settings' checkbox and click 'Validate'. This will run a check to ensure that everything is working as expected.


You will need your Google Workspace Admin Email for the validation process


By following these steps, you can successfully connect ATTACK Simulator to the Google Workspace API and ensure secure and controlled access to your domain's data.




Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article