Next Generation API Data Protection for Google Drive
Using API Data Protection involves configuring the API connection for your Google Drive app.
To use the Next Generation API Data Protection for Google Drive, you need to log in to your Google admin console, enter the Client ID and OAuth scopes, and authorize it. The following sections explain how to client ID and OAuth scopes and how to configure the connection.
Capability Differences Between Classic & Next Generation API Data Protection
Here is a list of feature parity for Google Drive between classic and Next Generation API Data Protection.
Feature | Sub-category | Classic | Next Generation |
|---|---|---|---|
Multiple Instances (Apply a policy to multiple SaaS app instances) | - | No | Yes |
User policy selection | All Team Drives with exception | Yes | Yes (achievable via the Specify Resources to Scan/Exclude option in the policy wizard) |
Subset of Team Drives | Yes | Yes (achievable via the Specify Resources to Scan/Exclude option in the policy wizard) | |
User profiles | Yes | Yes | |
User groups | Yes | No | |
Exclude users | Yes | Yes | |
Exclude user profiles | Yes | Yes | |
File sharing | All sharing option | Yes | Yes |
Specific sharing option | Yes | Yes | |
Private sharing option | Yes | No | |
Public sharing option | Yes | No Following public sharing options are not supported:
| |
Share content internally | Yes | Yes | |
Share content with more than 'x' number of internal users | Yes | Yes | |
Share content externally | Yes | Yes | |
Share content with all external domains | Yes | Yes | |
Share content with specific external domains | Yes | Yes | |
Share content with more than 'x' number of external users | Yes | No | |
Share content across enterprise organization | Yes | No | |
Enterprise share with everyone | Yes | No | |
Enterprise share with everyone except external users | Yes | No | |
Share content with select set of user groups | Yes | No | |
File type scan | All file type | Yes | Yes |
Specific file type | Yes | Yes | |
DLP | Multiple DLP Profiles (apply multiple DLP profiles in a single policy) | No | Yes |
Threat protection | Malware | Yes | Yes |
Configuration settings under Settings > Threat Protection > API-enabled Protection | Yes | No | |
Action | Alert | Yes | Yes |
Legal hold | Yes | No | |
Quarantine | Yes | No | |
Restrict access to owner | Yes | Yes | |
Restrict access to internal collaborators | Yes | Yes | |
Restrict access - remove public links | Yes | Yes | |
Restrict access - remove individual users | Yes | Yes | |
Restrict access - remove organization-wide links | Yes | Yes | |
Notification | Notify every 'x' minutes | Yes | No |
Notify after each event | Yes | No | |
Notify owner | Yes | No | |
Notify administrator | Yes | No | |
Notify collaborators | Yes | No | |
Notify select users | Yes | No | |
Notify entries in "From Email" field | Yes | No | |
Ability to select email template for owner | Yes | No | |
Ability to select email template for administrator | Yes | No | |
Ability to select email template for collaborators | Yes | No | |
Ability to select email template for select users | Yes | No |
*Refer to policy documentation located here.