Connect Google Drive to Teamwork Graph

Connect Google Drive so Teamwork Graph can search your workplace files in Rovo Search, Chat, and Agents. Results respect each person’s Drive permissions.

Who does what

• Organization admin (or someone with access to Atlassian Administration and Google Admin): completes the connector setup, including domain-wide delegation in Google.

• Each team member: connects their own Google account to Atlassian when prompted so Rovo only returns Drive results they are allowed to see.

Expect a few hours before files start appearing in Search; large drives can take longer to finish indexing.

はじめる前に

You need:

1. A Google account that can use the Google Admin console with the privileges described in this article (read-only Admin API access is enough; you may need a Super Admin to create that account or role).

2. Domain-wide delegation in Google Workspace for Atlassian’s client ID and OAuth scopes. For background, see Why do you need domain-wide delegation? below.

何がインデックス化されますか?

Google ドライブ コネクタは、次のオブジェクトをインデックス化します。

• Google ドキュメント

• Google スプレッドシート

• Google スライド

• PDF (最大 10 MB)

• txt files

• csv files

• フォルダー

• 画像

• Google Meet recordings (If selected)

• 名前

• URL

• createdDate

• 最終更新日

• 作成者

• 協力者

• ドキュメント本文

• 格納フォルダー名

User data indexed:

• ID

• 作成日

• メール

• 表示名

• ステータス

• 部署

• タイトル

Step 1 (optional): Use a dedicated Google account

Using a dedicated Google user with read-only Admin API access avoids routing connector API calls through your Super Admin account. Super Admin is not required on that dedicated account.

If you are fine using your Super Admin (or equivalent) for the whole flow, skip to Step 2.

Create or pick the account

Use an existing Workspace user or create a new one in Google Admin console. New users must sign in to Workspace at least once and accept the Terms of Service.

Create a role and assign the account

1. In Google Admin console, open Admin roles.

2. [新しいロールを作成] を選択します。

3. Enter a name (for example Atlassian Google Drive) and a description, then select Continue.

4. Under Privilege Name, select:

• 管理者権限

  • Reports

  • Domain Management

  • Groups > Read

  • Organizational Units > Read

  • Users > Read

  • Services → Drive and Docs → Settings (select all)

    • Docs Templates

    • Manage classic Google Sites

    • Move any file or folder into shared drives

    • View details of new Google Sites

  • Services → Security Center → This user has full administrative rights for Security Centre → Audit and investigation → View

    • Drive

    • Groups

    • User

1. Select Continue, review privileges, then Create Role.

2. On the new role, select Assign Members, add the account Atlassian will use for Drive, and copy that account’s email. You will enter it in Atlassian Administration in Step 3.

Step 2: Configure domain-wide delegation in Google Admin

First, start the connector in Atlassian so you have the Client ID and OAuth scopes to paste into Google.

1. Go to Atlassian Administration. If you have more than one organization, select the right one.

2. Select Apps, then Connectors.

3. If you have more than one site, pick the site, then Add connector.

4. Choose Google Drive, then Next. Leave this setup screen open; you will return to it in Step 3.

In Google Admin Console (signed in as the dedicated account from Step 1 or as Super Admin):

1. Open Menu > Security > Access and data control > API controls > Manage Domain Wide Delegation.

2. [Add New (新規追加)] を選択します。

3. Copy Client ID from the Atlassian Google Drive setup screen and paste it into Client ID in Google.

4. Copy OAuth scopes (comma-delimited) from Atlassian and paste into the matching field in Google.

   • To index Google Meet recordings, turn on Include Google Meet (Optional) in Atlassian before you copy the scopes so Meet scopes are included.

5. In Google Admin Console, select Authorize.

Step 3: Finish setup in Atlassian Administration

Return to the Google Drive connector screen in Atlassian Administration.

1. Enter a nickname for this connection.

2. Enter the email address of the Google Workspace administrator account you are using for delegation (the dedicated account from Step 1, or your Super Admin).

3. Optional limits

   • Allowlist and blocklist: restrict by shared drive URLs. More on blocking and allowing content

   • Limit by date: only content created or modified after a date you choose is added.

4. Read and accept the data usage information.

5. [確認] を選択します。

Step 4: Tell your team to connect Google Drive

Indexing can run in the background, but each person still needs to link their Google account to Atlassian when asked. Without that link, Rovo cannot mirror their normal Drive access in search results.

What people usually see:

• Google Drive as a source or filter in Search after the org connector is active.

• A prompt to connect Google Drive to their Atlassian account if they have not done so yet. Until they connect, they may not see Drive results in Search, Chat, or Agents.

After setup

• Files usually begin to appear in Search within a few hours, then keep filling in.

• Very large libraries can take longer before everything is indexed.

権限

Google Drive sharing settings still apply. Teamwork Graph does not bypass them.

Teammates can find a file in Rovo when either:

• The file’s Drive sharing is set to Can find in search results, or

• The file is Must have link to access and that link appears somewhere Rovo can read (for example a Confluence page or a Slack message).

If a file is private (not shared and not set to appear in search results), only the owner sees it in Rovo. Everyone else will not see it in Search, Chat, or Agents.

ドメイン全体の委任が必要な理由

Domain-wide delegation lets the connector call Google’s APIs on behalf of users in your domain, so it can index each person’s Drive while still honoring their permissions.

Without it, the connector would only see files owned by the single account that connected. You would not get organization-wide search coverage.