All Collections
Security & IT
Security & IT: Gmail Integration
Security & IT: Gmail Integration

Common questions about the security and IT implementation of our Gmail Integration

Simma Baghbanbashi avatar
Written by Simma Baghbanbashi
Updated over a week ago

This article will answer questions about the security and IT implementation of our Gmail Integration.

The Basics

How does the Gmail Integration access my Gmail inbox data?

The integration periodically fetches metadata for new emails in your inbox. We use this data to check if the sender or recipients of an email thread includes a member within your Aspire account.

For email threads that include a member, the integration fetches the associated email message content in order to display it to the Aspire user in their Aspire Inbox, as well as in the member activity feed view.

The integration does not fetch or store any email message content for any email threads that are not associated with a member of your account.

Additional safeguards are supported on the platform to restrict who can be added as a member (e.g., restricting any company email address from being added to a member).

Authentication

What does Aspire use for authentication?

We use OAuth 2.0 protocol for authentication. Through OAuth 2.0, users can authorize specific scopes that the Aspire integration requires. The authorization results in Google giving us an access token that we can use to make API calls on behalf of the authenticated user. We can only make API calls that are within the scope that the user authorized. You can read more about standard OAuth 2.0 protocol here.

Does Aspire have access to my Gmail password?

At no point does Aspire have access to the authorizing user's password for Gmail. This information is never shared with us.

Permissions

Why does Aspire require read and write access permissions?

Both read and write permissions are needed for the integration to function. In order to allow outgoing emails, we need to have the ability to send emails. This requires write permissions. In order to receive emails, we need read permissions to pull the information into your Aspire account and display it for you.

How exactly does the integration work with these permissions?

When a user connects a Gmail account, we subscribe to get notified by Google of any emails that this user receives. Then, when an email is received, Google notifies us and provides us with the message ID but not with the message itself.

What security protocols are in place?

Oauth2 Protocol assures that we have a secure way to authorize and obtain an access token for the user who set up and authorized the integration.

Data storage

How does the integration operate in terms of the transfer of data to and from Aspire and Gmail?

The integration communicates solely through the API; Aspire makes API calls to Google and receives notifications from Google via our API.

Revoking access

How do I revoke Aspire’s access to my Gmail account?

If at any point you wish to revoke Aspire’s access to Gmail, you can do so by following these steps:

  1. Go to https://myaccount.google.com/security

  2. Scroll down and click "Manage third-party access"

  3. Click Aspire and then click the blue "Remove Access" button

Did this answer your question?