Google
Allows Wing Security to discover all SaaS applications connected to your Google environment, their permissions, and usage. It also identifies all Google users and their actions. Wing will monitor your Google environment and raise any issues found to help protect it. You’ll be able to remediate these issues easily within Wing’s interface.
How to Connect
1. Should be connected by the super admin of the entire organization.
2. Follow the steps for OAuth authentication using Google (grant all the requested permissions).
Permissions
View delegated admin roles for your domain
View delegated admin roles that are currently defined for your domain.
View audit reports for your G Suite domain
View audit reports of admin and user activity in your G Suite domain (e.g. password change events and document view events).
View organization units on your domain
View metadata (e.g. name and description) of organization units.
See info about users on your domain
This app wants permissions to see profile info about your domain users, such as their: Names, Email, Addresses, Phone numbers, Metadata, including users’ role, manager info, and last login time.
Manage data access permissions for users on your domain
View and manage data access permissions for users on your domain. *We require this permission in order to find tokens users granted to 3rd party applications.
Office 365
Allows Wing Security to discover all SaaS applications connected to your Microsoft environment, their permissions, and usage. It also identifies all Microsoft users and their actions. Wing will monitor your Microsoft environment and raise any issues found to help protect it.
How to Connect
1. Should be connected by the admin of the entire organization.
2. Follow the steps for OAuth authentication using Office, while making sure to check the “Consent on behalf of your organization”.
Permissions
Sign you in and read your profile
Allows you to sign in to the app with your organizational account and let the app read your profile. It also allows the app to read basic company information.
Maintain access to data you have given access to
Allows the app to see and update the data you gave it access to, even when you are not currently using the app. This does not give the app any additional permissions.
Read activity data for your organization
Allows the app to read activity data for your organization.
Read all users’ full profiles
Allows the app to read user profiles without a signed-in user.
Read all audit log data
Allows the app to read and query your audit log activities, without a signed-in user.
Read directory data
Allows the app to read data in your organization’s directory, such as users, groups and apps, without a sign-in user.
Sign in and read user profile
Allows users to sign in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.