Add or Edit a Gmail for Work Source

With a Google account with administrator credentials, members of the Administrators and Content Managers built-in groups can add the Gmail mailboxes content (emails and attachments) of Google Apps domain users to a Coveo organization.

You can use the Content Security tab to select whether the source content is accessible to everyone, or as determined by your source permissions system.

As a member of one of these groups, when you create the source, you authorize the Coveo organization to read your Google account using OAuth 2.0, a protocol that authorizes access without giving your password.

Source Key Characteristics

Features Supported Additional information
Gmail for Work version Latest cloud version Following available Gmail for Work releases
Searchable content types Emails and attachments
Content update operations Refresh

Takes place every three hours by default. A rescan or rebuild is required to capture domain, primary email, and email aliases changes.

Content security options Determined by source permissions

The Gmail delegation feature isn't yet supported, meaning a user can only search the content of their mailbox even if they have access to other users' mailboxes in Gmail for Work.

Source creator

Authorize Your Coveo Organization to Access the Gmail Mailboxes of Your Users

  1. Create a Google API Console project.

  2. Modify security parameters in your Google Apps account.

Add or Edit a Gmail for Work Source

Once you’ve authorized your Coveo organization to access your users’ Gmail mailboxes, follow the instructions below to add or edit your Gmail for Work source.

“Configuration” Tab

In the Add/Edit a Gmail for Work Source panel, the Configuration tab is selected by default. It contains your source’s general and authentication information, as well as other parameters.

General Information

Source Name

Enter a name for your source.

A source name can’t be modified once it’s saved, therefore be sure to use a short and descriptive name, using letters, numbers, hyphens (-), and underscores (_). Avoid spaces and other special characters.

Google Apps Domain

Enter the Google Drive domain that you want to index.

Google Apps Administrator Account Email

Enter the email of a Google Apps administrator account in the format.

Google Service Account Email

Enter the Google service account email address that you obtained when you authorized your Coveo organization to access the Gmail mailboxes of your users.

Private Key File

Click Choose File, and then select the private key file that you created when you authorized your Coveo organization to access the Gmail mailboxes of your users.

Character Optical Recognition (OCR)

If you want Coveo Cloud to extract text from image files or PDF files containing images, check the appropriate box. OCR-extracted text is processed as item data, meaning that it’s fully searchable and will appear in the item Quick View. See Enable Optical Character Recognition for details on this feature.


When adding a source, if you have more than one logical (non-Elasticsearch) index in your organization, select the index in which the retrieved content will be stored (see Leverage Many Coveo Indexes). If your organization only has one index, this drop-down menu isn’t visible and you have no decision to make.

  • To add a source storing content in an index different than default, you need the View access level on the Logical Index domain (see Manage Privileges and Logical Indexes Domain).

  • Once the source is added, you can’t switch to a different index.

“Mailboxes to Include” Section

By default, all user mailboxes in your domain are indexed. As an alternative, you can select Specific to enter the addresses of the specific mailboxes that you want to index.

“Additional Content to Include” Section

Check the Trashed and spam items box to index the items in the Trash and Spam folders of the indexed mailboxes.

“Content Security” Tab

Select who will be able to access the source items through a Coveo-powered search interface. For details on this parameter, see Content Security.

The Gmail delegation feature, which allows a user to access another user’s mailbox, isn’t supported. Therefore, if you choose the Determined by source permissions option, there may be some discrepancies in content access capabilities.

“Access” Tab

In the Access tab, determine whether each group and API key can view or edit the source configuration (see Resource Access):

  1. In the Access Level column, select View or Edit for each available group.

  2. On the left-hand side of the tab, if available, click Groups or API Keys to switch lists.


  1. Finish adding or editing your source:

    • When you want to save your source configuration changes without starting a build/rebuild, such as when you know you want to do other changes soon, click Add Source/Save.

      To add the source content or to make your changes effective, on the Sources page, you must click Launch build or Start required rebuild in the source Status column.


    • When you’re done editing the source and want to make changes effective, click Add and Build Source/Save and Rebuild Source.

      Back on the Sources page, you can review the progress of your source addition or modification.

    Once the source is built or rebuilt, you can review its content in the Content Browser.

  2. Optionally, consider editing or adding mappings.

    You can only manage mapping rules once you build the source (see Refresh, Rescan, or Rebuild Sources).

What’s Next?

Adapt the source update schedule to your needs.

Recommended Articles