Veritas Alta™ SaaS Protection Administrator's Guide
- Section I. Introduction to Veritas Alta™ SaaS Protection
- Section II. Administration
- Section III. Manage backups (connectors)
- Overview
- About backup jobs (connectors)
- Overview for adding backup jobs (connectors)
- Configuring the capture scope
- Configuring credentials
- Configuring Delete and Stub policies
- Apps Consent Grant utility
- Backup Exchange Online mailboxes
- Adding connectors for Exchange Online data
- Configuring the capture scope for Exchange connectors
- Configuring the capture scope for Exchange connectors
- Backup SharePoint Online
- Supported SharePoint Online sites and data for backup and restore
- Adding backup jobs (connectors) for SharePoint Online sites and data
- Backup Teams Sites collections
- Backup OneDrive for Business
- Backup Teams chats
- Backup Audit logs
- Backup Google Drive data
- Backup Gmail data
- Backup Salesforce data
- Backup Entra ID (Azure AD) objects
- Backup Box data
- Backup Slack data
- Backup EML data
- Managing backup jobs (connectors)
- Backup jobs (connectors) statuses
- Browsing the backed-up data
- Events
- Overview
- Section IV. Manage restores
- About restore
- Prerequisites for data restore
- Restore dashboard
- Restore Exchange Online mailboxes
- Restore SharePoint Online data
- Restore Teams chats and Teams Channel conversations
- Restore Audit logs
- Restore Box data
- Restore Google Drive data
- Restore Gmail data
- Restore Salesforce data and Metadata
- Restore Salesforce Metadata to the same or another organization
- Restore Entra ID objects
- Restore Slack data
- Restore data to File server
- Restore options
- Section V. Manage data sharing
- Section VI. Manage data downloads
- Section VII. Manage Stors (Storages)
- Section VIII. Policies to manage the backed-up data
- About policies in Veritas Alta™ SaaS Protection
- Configuring policies for data retention (WORM policies)
- Configuring policies for data deletion (Deletion policy)
- Configuring policies for data tiering (Tiering policy)
- Configuring Tagging polices
- Managing policies
- Section IX. Manage users and roles
- Section X. Manage Discovery cases and searches
- Section XI. Manage Scopes
- Section XII. Manage auditing
API permissions for Gmail and Google Drive
Veritas Alta SaaS Protection requires API permissions for backup, restore, and data interactions with Google and Gmail workloads, as listed in the following table:
Table:
API name | Requested scope | Used by Veritas Alta™ SaaS Protection: | Description by Google |
---|---|---|---|
API Access | Domain-wide delegation for Domain | To back up users' data from Google Drive and Gmail mailboxes. | Domain-wide delegation is a powerful feature that allows apps to access users' data across your organization's Google Workspace environment. For example, grant domain-wide delegation to a migration app that duplicates user content from another service to Google Workspace. For this reason, only super admins can manage domain-wide delegation, and they must specify each API scope that the app can access. |
Directory API | https://www.googleapis.com/auth/admin.directory.user.readonly | To enumerate the organization's users and discover users of Google Drives and Gmail mailboxes. | Scope for only retrieving users or user aliases. |
Drive API | https://www.googleapis.com/auth/drive | To back up and restore Google Drive content. | View and manage all of your Drive files. |
Gmail API | https://www.googleapis.com/auth/gmail.readonly | To back up Gmail content. | Read all (Gmail) resources and their metadata. |
Gmail API | https://www.googleapis.com/auth/gmail.modify | To restore Gmail content. | All read/write operations except immediate, permanent deletion of threads and messages, bypassing Trash. |