Google Workspace

Samurai [Local] Collector	Samurai [Cloud] Collector

To complete this Integration you will need to perform steps in both Google Workspace and the Samurai MDR portal.

The Google Workspace integration leverages two APIs which are part of the Admin SDK API

Follow the steps below:

1. From Google Workspace

Enable the Admin SDK API
Create a service account
Create credentials for the service account
Delegate domain-wide authority to the service account

2. From the Samurai MDR portal

Complete the Google Workspace Alert Center integration

Enable the Admin SDK API

Follow the Google API Console Help documentation:

Enable and disable APIs

A Google API Console project is required and will be created during the steps.

Ensure you login to the Google Console as a super administrator and use the following parameters when completing the steps:

Documentation Step	Field Name	Parameter
2	Project Name	Anything you want but we recommend “SamuraiAPI”
2	Organization	The name of your organization
2	Location	Anything you want
4	API Library	Select and enable against the project created in Step 2: “Admin SDK API” “Google Workspace Alert Center API”

Review the API Console Help pages if you require more information on Google APIs.

Create a service account

Follow the steps outlined within the Google documentation:

Create a service account

Ensure you have the Project selected that you created in Enable the Admin SDK API.

Ignore the optional steps 4 and 6 when creating the service account.

Use the following parameters when completing the steps:

Documentation Step	Field Name	Parameter
3	Service Account Name	Anything you want but we recommend “SamuraiAPI”
3	Service Account ID	Anything you want but we recommend “SamuraiAPI”
3	Service Account Description	Anything you want but we recommend “SamuraiAPI”

Take note of the Service Account email address in Step 3 as it will be needed when you Complete the Google Workspace integration.

Create credentials for the service account

Follow the steps outlined within the Google documentation:

Create credentials for a service account

Documentation Step	Field Name	Parameter
2	Project	Select the project created in Enable the Admin SDK API
2	Service Account	Select the service account you created in Create a service account
4	Key Type	Ensure “JSON” is selected.

Download the json file as it will be required when you Complete the Google Workspace integration.

Delegate domain-wide authority to the service account

Follow the steps outlined within the Google documentation:

Set up domain-wide delegation for a service account

Ensure you login with a super admin account and take note of the associated email address as you will need in when you Complete the Google Workspace integration.

Use the following parameters when completing the steps:

Documentation Step	Field Name	Parameter
2	Service Accounrt	Ensure you select the service account created in Create a service account
5e	OAuth scopes	https://www.googleapis.com/auth/admin.reports.audit.readonly
		https://www.googleapis.com/auth/admin.reports.usage.readonly
		https://www.googleapis.com/auth/apps.alerts

Complete the Google Workspace integration

You will need:

JSON file you downloaded in Create credentials for the service account
The admin account email used in Delegate domain-wide authority to the service account

Login to the Samurai MDR portal
Click Telemetry and select Integrations from the main menu
Select Create
Locate and click Google Workspace
Click Next (we leverage a Samurai Cloud Collector)
Enter a Name of Integration
Enter a Description (Optional)
Enter your Service Account JSON (copy and paste from the json file you downloaded)
Enter your Domain-Wide delegation account (the admin account email used for domain-wide delegation)
Click Finish

Our Integration guide was accurate at the time of writing but vendors change things frequently! If you find errors or anything is outdated, let us know by raising a request in the Samurai MDR application and we shall get it updated.