Data security and privacy policies for Google connectors – Azure Logic Apps – ABOUT MAG 2020

->

Getting Started May 1, 2020, changes due to data security and privacy policies can affect logical application workflows that use the Gmail Connector. If your logic apps use the Gmail connector with a Gmail consumer account (email address ending with @ gmail.com or @ googlemail.com), your logic apps can only use Google approved triggers, actions and connectors.

Note

If your logic apps use the Gmail connector with a G-Suite business account (email address with a custom domain), they will not be affected and will have no restrictions on using the Gmail connector.

Affected logical applications

If you have logic apps that use the Gmail connector, you’ll receive an email about potentially affected logic apps. However, getting started June 15, 2020, all unsupported workflows will be disabled. You can do one of the following:

  • Update the affected logic apps following the steps in this topic. You need to create a Google client application that provides a customer ID and secret that you use to authenticate to the trigger or Gmail action.

  • Update the affected logic apps so that they use only the Google approved connectors before re-enabling disabled logical applications.

Google approved connectors

Under this policy, when you use a Gmail consumer account, you can only use the Gmail connector with specific services approved by Google, which are subject to change. Our engineering teams continue to work with Google to add more services to this list. For now, here are the Google-approved triggers, actions, and connectors that you can use in the same workflow as the logic app with the Gmail connector when using a Gmail consumer account:

  • Logical Applications integrated triggers and actions: Batch, Control, Data Operations, Date and Time, Flat File, Net, Request, Programming, Variables and XML

  • Google services: Gmail, Google Calendar, Google Contacts, Google Drive, Google Sheets and Tasks

  • Microsoft approved services: Dynamics 365, Excel Online, Microsoft Teams, Office 365, OneDrive and SharePoint Online

  • Connectors for client-managed data sources: FTP, HTTP, RSS, SFTP, SMTP and SQL Server

For the latest information, see the Gmail connector technical reference documentation.

Steps for affected logical applications

If you need to use the Gmail connector with a Gmail consumer account and unapproved Google connectors in a logical application, you can create your own Google application for personal or internal use at your company. For this scenario, here are the high-level steps you need to take:

  1. Create a Google client application using Google API console.

  2. In your Gmail connector, use the client ID and client secret values ​​from your Google client app.

For more information, see the Gmail connector technical reference documentation.

Create Google client application

To set up a project for your client application, use the Google API console wizard and follow the instructions. Or, for detailed steps, review the instructions on the Gmail connector technical reference documentation.

When finished, your screen will look like this example, except that you will have your own Customer ID and Customer secret values, which you use later in your logic application.

Customer ID and customer secret for your Google client application

Use client application settings in the logic application

To use your Google client app’s client ID and client secret in your Gmail trigger or action, follow these steps:

  1. At the Azure portal, open your logic app in Logic App Designer.

  2. If you’re adding a new Gmail trigger or action and creating an entirely new connection, continue with the next step. Otherwise, in the Gmail trigger or action, select Change connection > Add new, for example:

    Select “Add new”” data-linktype=”relative-path”/>

  3. Provide your connection information, for example:

    Provide connection information

    Property Value description
    Authentication Type Bring your own app Specifies that you will use your own client application for authentication.
    Customer ID <Customer ID> The client ID of your Google client application
    Customer secret <customer secret> The customer secret of your Google client application
  4. When finished, select Sign in.

    A page appears showing the client application you created. If you’re using a Gmail consumer account, you can get a page that shows that your client application has not been verified by Google and asks you to first allow access to your Google account.

    Request access to your Google account

  5. If necessary, select To allow.

    You can now use the Gmail connector without restrictions in your logic app.

Next steps

Learn more about Gmail Connector

->

Paula Fonseca