Per-user Google Drive (OAuth)
Wisteria’s primary Google integration is Google Workspace, which uses Domain-Wide Delegation to read across an entire domain with a single IT-admin setup.
The per-user Google Drive connector is a lighter-weight alternative: an individual user connects their own Drive account via standard OAuth, and Wisteria gains read access only to files that user can see.
When to use it
- You don’t have Google Workspace, or you do but your super admin can’t grant Domain-Wide Delegation.
- You want a single user to pilot the AI ambient watcher before committing the whole tenant.
- You want to surface content from a user’s personal Drive (not the org’s shared drives).
If your team is on Google Workspace and you can grant Domain-Wide Delegation, prefer that — see Connect Google Workspace.
Setup
- Inside Wisteria, go to Settings → Integrations → Other connectors → Google Drive.
- Click Connect. You’ll be redirected to Google’s consent page.
- Sign in with your Google account and approve the read-only Drive scope.
- Google redirects you back to Wisteria, which stores an OAuth refresh token (encrypted at rest).
What gets accessed
| Scope | Why we need it |
|---|---|
https://www.googleapis.com/auth/drive.readonly | Read documents the connecting user can see |
That’s the only scope. Wisteria never reads beyond what the connecting user can see, and never modifies, uploads, or deletes anything.
Disconnecting
Disconnect from Settings → Integrations → Google Drive → Disconnect. Wisteria deletes the stored refresh token; future scans are not possible. You can also revoke from myaccount.google.com → Security → Third-party apps with account access.
Limitations
- Per-user, not per-domain — only the connecting user’s accessible files are scanned.
- Refresh tokens can expire after long periods of inactivity. If a scan returns no results, re-connect.
- This connector doesn’t replace Google Workspace + DWD for organisation-wide deployment.