Gopher for Users requires the user to have a minimum of the following Google Admin API permissions:
- Groups > Read
- Groups > Update
- Organization Units > Read
- Schema Management > Schema Read
- Users
You can assign these privileges (for a newly created role or to modify an existing role) in the Admin Roles area of the Admin console.
- In the Admin console, navigate to Account > Admin roles.
- Select an existing role or create a new role.
- Go to Privileges or Select privileges depending on whether you are working with an existing or new role.
- The Privileges page has 2 sections; Admin console privileges and Admin API privileges. Scroll down to the Admin API privileges section.
- Scroll to or search for Groups.
- Check the Read and Update checkboxes nested under Groups.
- Scroll to or search for Organization Units.
- Check the Read checkbox nested under Organization Units.
- Scroll to or search for Schema Management.
- Check the Schema Management checkbox.
- Scroll to or search for Users.
- Check the Users checkbox. This selects all privileges nested under Users.
- Click Save.
To restrict which OUs your users have access to with Gopher for Users, the Admin Roles for Gopher for Users will need to be split into two categories; Global and Granular. See Set Up Granular Access With Gopher for Users for more information.
Document Version | Date | Description of Change |
1.0 | 8/15/2024 | Added navigation paths, reverify |