The following prerequisites must be met to integrate with Google Drive:
- Enterprise or Business G Suite license.
- Super Admin account in your organization's G Suite. Super Admins have administrator permissions and access to the Admin console and corresponding actions in the Admin API. This is required to integrate Google Drive with MVISION Cloud via API.
- Data Access permissions. Data Access permissions provide access to specific data. Make sure that the following are selected at Apps > G Suite > Settings for Drive and Docs in Admin Console.
- Offline. Select Allow users to enable offline Docs.
- Drive. Select Allow users to download, install, and use Google Drive for Mac/PC.
- Drive SDK. Permissions that allow the admin to update and configure API access. Learn more here.
- Add-Ons. Select Allow user to install Google Docs add-ons from add-ons store.
NOTE: This is NOT required if you install the Marketplace app as described in Method 1 - Install the Marketplace App. It is required only for Method 2.
- G Suite Audit access. Use the G Suite Admin Console to preconfigure your account for Audit access. Learn more here.
Authorize MVISION Cloud
To grant MVISION Cloud access to your Google Drive account, use either of these two methods.
Method 1 - Install the Marketplace App
- Go to the Google admin console at https://admin.google.com/OauthTosCom...0&pli=1&fral=1
- Specify admin credentials and log in.
- Go to Security > API Controls > App Access Control. On the Apps tab, click Configure New App.
- Search for your OAuth app name (for example, Mcafee Skyhigh for Google) and click Select.
- For App access, select Trusted: Can access all Google services and click Configure.
- Under App Access Control, search for McAfee and confirm the scope of Google API, and click Accept to trust the application.
- The managed app is deployed in the Marketplace.
- To verify that the app is successfully installed, go to https://admin.google.com and navigate to Apps > Marketplace Apps. McAfee MVISION Cloud for Google Drive should be listed here.
- Go to Settings > Service Management, and select your Google Drive instance.
- Click Enable API Access. Log in with your Google GSuite Super Admin account. Once you log in successfully, you'll see a green checkmark and a message that says, "You have successfully enabled API Access."
Method 2 - Manual
- In the G Suite admin console, go to Security > API Controls
- Scroll down and click on Domain-Wide Delegation.
- in the screen Add a new client ID add the following as Client ID:
- For the MVISION Cloud production environment at https://www.myshn.com:
- For the MVISION Cloud EU/Germany/Frankfurt environment at https://www.myshn.eu:
- For the MVISION Cloud Canada environment at https://www.myshn.ca:
- For the MVISION Cloud GovCloud / FEDRAMP environment:
Please contact McAfee Technical Support or your assigned deployment engineer
4. Then, into the field Oauth scopes (comma-delimited), copy and paste the following 10 API scopes:
https://www.googleapis.com/auth/admin.directory.domain.readonly, https://www.googleapis.com/auth/admin.directory.group, https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.orgunit, https://www.googleapis.com/auth/admin.directory.user, https://www.googleapis.com/auth/admin.directory.user.security, https://www.googleapis.com/auth/admin.reports.audit.readonly, https://www.googleapis.com/auth/admin.reports.usage.readonly, https://www.googleapis.com/auth/drive, https://www.googleapis.com/auth/drive.file
5. Click on Authorize
Once configured this will look similar to this: