Index shared drives only

This is for:

Developer System Administrator
In this article

By default, a Google Drive for Work source indexes the content of My Drive folders. You can configure it to index content from shared drives as well.

This article details a scenario where the objective is to index a specific set of shared drives. The setup procedure involves the creation of a dedicated user account, which is then granted access to this specific set of shared drives.

Prerequisites

Ensure you have a Google account with administrator credentials. These credentials allow your Coveo organization to read your Google account using OAuth 2.0, a protocol that authorizes access without giving your password.

Procedure

  1. Create a Google Drive for Work source.

  2. Create a Google Cloud Console project.

  3. Authorize Coveo to access your Google content.

  4. Create a user account to be used as the crawling account for your Google Drive for Work source. The drives you’ll share with this user are the ones that will be indexed.

    1. Access the Google Workspace Admin Console with a super administrator account.

    2. In the main menu, select Directory > Users.

    3. Click Add new user.

      Add a new user | Coveo

    4. Fill in the User information form, and then click Add new user.

  5. Create a user group, and add the user as the sole member of the group.

    1. In the main menu, select Directory > Groups.

    2. Click Create group.

    3. Create the group and add the user you created earlier.

      Add the user to the new group | Coveo

  6. Publish a new internal app.

    1. Log into the Google Cloud Console using a Google Account with administrator credentials.

    2. In the header dropdown menu, select your project.

    3. Click APIs & Services.

    4. In the menu, select OAuth consent screen.

      OAuth consent screen | Coveo

    5. In the OAuth consent screen, select the Internal user type, and then click Create. You don’t need to create new OAuth credentials or to publish them for verification since you’re publishing an internal app. However, if you still want to do so, you may want to see Configure OAuth for help with this section.

    6. Configure your app in the Google Workspace Marketplace SDK.

      Tip

      See Configure your app in the Google Workspace Marketplace SDK for help with this section.

      1. Access the Google Workspace Marketplace SDK page.

        Google Workspace Marketplace SDK | Coveo

      2. Click Enable.

      3. In the App Configuration tab, set the App Visibility to Private.

      4. Set the Installation Settings to Admin Only Install.

      5. Under App Integration, select Web App.

      6. Under Universal Nav Url, enter any safe site. This URL doesn’t matter.

      7. Under OAuth Scopes, enter the following:

        https://www.googleapis.com/auth/userinfo.email
        https://www.googleapis.com/auth/userinfo.profile
        https://www.googleapis.com/auth/admin.directory.user.readonly
        https://www.googleapis.com/auth/admin.directory.group.readonly
        https://www.googleapis.com/auth/documents.readonly
        https://www.googleapis.com/auth/drive.readonly

    7. Create a store listing.

      Tip

      See Create a store listing for help with this section.

      1. Select the Store Listing tab.

        Google Workspace Marketplace SDK Store Listing tab | Coveo

      2. Fill in all required fields. The URLs, email addresses, and images don’t matter, as long as they exist.

      3. Once you’ve created the store listing, copy the App Url. You’ll need it later on.

  7. Create a Google Workspace Marketplace-compatible OAuth Client for the service account you created.

    1. Log into the Google Cloud Console using a Google account with administrator credentials.

    2. Access the Service Accounts page.

    3. Select the project the service account is associated with.

    4. Click the service account email.

    5. In the Details tab, expand the Advanced settings section.

    6. Click Create Google Workspace Marketplace-compatible OAuth Client.

      Create the Google Workspace Marketplace-compatible OAuth Client | Coveo

  8. Install the app.

    1. Access the app URL using a super admin account.

    2. While installing the app, under Install the app automatically for the following users, select only the group you created earlier. This ensures that the Coveo source can only impersonate the dedicated user account you created.

  9. Configure your Google Drive for Work source to use the dedicated user account you created.

    1. On the Sources (platform-ca | platform-eu | platform-au) page of the Coveo Administration Console, click your Google Drive for Work source, and then click Edit in the Action bar.

    2. Under Users to include, select Specific, and then enter your dedicated user account email address. Then, click Save.

    3. On the Sources (platform-ca | platform-eu | platform-au) page, click your Google Drive for Work source, and then click More > Edit JSON.

    4. In the Edit a Source JSON Configuration panel, set the IndexSharedDrives and ForceIndexSharedDrivesNotManagedByUser parameter values to true. Then, click Save.

      Edit the JSON configuration | Coveo

  10. Share the desired shared drives with your dedicated user account.

    1. Access the Google Workspace Admin Console with a super administrator account.

    2. In the main menu, select Apps > Google Workspace > Drive and Docs.

    3. Click Manage shared drives.

    4. Hover your mouse over a shared drive you want to give your dedicated user account to, and click Manage members.

      Manage members | Coveo

    5. In the Manage members panel, select the dedicated user account.

    6. Choose the access level for this user. If you want to index comments, select Commenter. Otherwise, select Viewer.

    7. Click Send.

    8. Repeat the process for each shared drive you want to index.

  11. Finish configuring your source.