Troubleshoot Google Services API client issues

Updated

Overview

Incydr's Google Drive and Gmail data connections add a Google Services API client to your organization's Google Workspace when you authorize the connection. Incydr uses this API client to monitor file sharing and attachment activity in your Google Drive or Gmail environments. Monitoring stops and Incydr displays an error in the data connection's details when the API client:

  • Does not have the permissions required to monitor activity in your Google Workspace
  • Is accidentally deleted

This article helps you resolve the issue and return the connection to the Monitoring state.

The Google Services API client differs from API clients used to work with the Incydr API
Keep in mind that the Google Services API client is different from API clients that you use to access and use the Incydr API.

Affects

This problem affects Google Drive and Gmail data connections in Incydr.

When the Google Services API client in Google Workspace either does not have the correct permissions or has been deleted, the following message appears in the data connection's details:

There was an issue with the connection to Google Drive/Gmail. Incydr is not monitoring activity.

The Google Services API client in your Google Admin console (Client ID: <IDstring>) does not have the right permissions or does not exist.

The next sentences in the error message vary, depending on the connector type:

  • Google Drive: Deauthorize and resume monitoring this data connector to resolve the issue. Validate the Incydr API client's client ID and scopes are configured correctly.
  • Gmail: Deauthorize this data connector and set up a new Google Gmail data connection to resolve this issue.

Recommended solution

Google Drive

  1. Sign in to the Incydr console.
  2. Go to Administration > Integrations > Data Connections.
  3. Locate the Google Drive data connection in the table, then click View details  .
  4. When the details panel opens, click Deauthorize to deauthorize the connection.
    A confirmation message appears.
    1. Click Deauthorize.
    2. At the "Remove access" step, click Close.
  5. On the Data Connections screen, click View details   to reopen the Google Drive connection's details.
  6. Click Resume monitoring.
  7. Follow the prompts to reauthorize Incydr's connection to Google Drive. During the "Connect" step, verify that you copy the Client ID and OAuth scopes correctly from the Incydr console to the Google Services API client.
    1. Go to your Google Admin console and log in using your Google Workspace administrator username and password.

      Requires Super Admin role
      This email address must be associated with a Google Workspace administrator that has the Super Admin role.
    2. Go to Security > Access and data control > API controls. 
    3. Click Manage domain wide delegation in the Domain-wide delegation panel.
    4. In the Domain-wide delegation page, click View details for the Google Services entry in the list.
      • Verify that the Client ID matches the Client ID listed in the Incydr console. If not, delete the Google Services API client from the Google Admin console, then return to the Incydr console and set up a new data connection to your Google Drive environment.
      • Verify that the Scopes match the OAuth scopes listed in the Incydr console. If not, click Edit to add any missing scopes.
    5. Click Authorize.
      The Incydr cloud storage data connection is added to the API clients table.

Gmail

  1. Sign in to the Incydr console.
  2. Go to Administration > Integrations > Data Connections.
  3. Locate the Gmail data connection in the table, then click View details  .
    The details panel opens.
  4. Click Deauthorize to deauthorize the connection.
    A confirmation message appears.
  5. Click Deauthorize.
  6. (Optional) Follow the steps to remove Incydr's access to your Gmail environment using the Google Admin console. Then, return to the Incydr console and click Close.
    It's not required to remove Incydr's access from your Gmail environment. Incydr immediately stops monitoring Gmail when you deauthorize the connection. Removing Incydr's access in your Google Workspace can increase security, however.
  7. On the Data Connections screen, click Add data connection and add a new connection to your Gmail environment.

External resources

Google

Related topics

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.