The Online Audit Manager Google integration for Google Workspaces allows for the clients to easily import user lists and user information to support the completion of an efficient audit process.
The following read only sensitive scopes are utilized to collect the user and group data:
/auth/admin.directory.user.readonly – To get a list of users for the domain and verify that MFA is enabled
/auth/admin.directory.group.readonly – To view groups on the domain
/auth/admin.directory.group.member.readonly – To view group subscription for each user
This data is used in the evidence collection process as part of the audit and provides an automated method to collect a user and group list.