Skip to content
Comma Compliance Docs

Setting Up Google Workspace Archiving

Google Workspace covers Gmail, Drive, Chat, Meet, and Calendar from a single Google identity. Comma connects to the whole domain through Google’s OAuth admin-consent flow and pulls every business surface into your archive.

How Google Workspace capture works

Section titled “How Google Workspace capture works”
  • Gmail - inbound, outbound, CC, BCC, attachments, drafts where retention applies; full thread context
  • Drive - file create/modify/move/delete, version history, sharing changes, comments, ownership transfers
  • Chat - DMs, group chats, spaces, edits, deletes, file shares
  • Meet - meeting metadata and recordings (where enabled in your Workspace plan)
  • Calendar - meeting invitations and attendee changes for thread context
  • Direct-source ingestion via the Google API - no MX rerouting, no Vault dependency

Permission tiers

Section titled “Permission tiers”

Comma supports three scope tiers so admins can grant only what’s needed:

  • Directory access - read users and groups
  • Contact access - directory plus contacts and calendar
  • Full access - directory, contacts, calendar, Gmail bodies, Drive content, Chat

See Microsoft & Google OAuth Permissions for scope-by-scope detail.

Prerequisites

Section titled “Prerequisites”
  • Google Workspace Super Admin
  • Comma team admin access
  • About 10 minutes

Setup steps

Section titled “Setup steps”
  1. Sign in to the Comma Compliance dashboard
  2. Open Integrations in the top navigation
  3. Under Organizational Integrations, find the Google Workspace card and click Connect
  4. Choose your permission tier
  5. You’ll be redirected to Google to sign in with your Super Admin account
  6. Approve the consent screen for the selected scopes
  7. Google redirects you back to Comma; the installation is confirmed
  8. Initial sync runs in the background

Verifying capture

Section titled “Verifying capture”

After the first sync window (~15 minutes):

  • The integration card shows the connected domain
  • A test email sent through any user in the domain appears in Messages
  • Drive activity shows under the Drive filter

Removing the integration

Section titled “Removing the integration”
  1. From the Google Workspace card in Comma, click Disconnect
  2. (Optional) Revoke in Google Admin > Security > API Controls > App access control > Comma Compliance > Remove access
  3. Historical capture remains under your retention policy

What’s next

Section titled “What’s next”