Question
How do I configure FTK Central to collect from Google Drive?
Prerequisites
- A Google Google Suite account for your organization
- Administrator account credentials for your organization's Google Suite account
Answer
- Log in to the Google Cloud Platform IAM & Admin Console at https://console.cloud.google.com/iam-admin/ with your organization's Google Administrator account
- Click on the Project list at the top
- In the new dialog, select your domain and click NEW PROJECT
- Give the project a name and click CREATE
- Make sure you're viewing the new project, and click Service Accounts on the left
- Click CREATE SERVICE ACCOUNT at the top
- Give the account a name and description, and click DONE
- Click on the newly created Service Account
- Under the DETAILS tab, click SHOW DOMAIN-WIDE DELEGATION
- Check Enable Google Workspace Domain-wide Delegation, the provide a Product name and Email Address for the Consent Screen and click SAVE
- Copy the Client ID
- In a new tab, log in to the Google Admin Console at https://admin.google.com/ with your organization's Google Administrator account
- Click Security
- At the bottom, click API controls
- At the bottom, click MANAGE DOMAIN WIDE DELEGATION
- Click Add new
- In the new dialog, paste the previously copied Client ID, set the OAuth scope to "https://www.googleapis.com/auth/drive" and click AUTHORIZE
- Return to the previous tab and click KEYS at the top
- Click ADD KEY then Create new key
- Select JSON and click CREATE, making sure to take note of where the JSON file is downloaded to
- Navigate to the Google Drive API page at https://console.cloud.google.com/apis/library/drive.googleapis.com
- Make sure you're viewing your new project, and click ENABLE
- Log in to FTK Central and click Data Sources
- Click Google Drive
- Click Add Google Drive on the right
- In the new dialog, do the following:
- Enter a Name for your connector
- Paste the entire contents of the previously downloaded JSON file into the Service account API key field
- Choose whether to associate this connector to all custodians
Note: The connector must be associated to Custodians prior to attempting a collection - Click Save
- Confirm the Refresh Token Status for your connector shows Active