Integrations
      Back to home
      1. Help Center
      2. API / Technical Questions
      3. Integrations

      Google DMI

      This article describes the Google DMI (direct message injection) integration, how to enable it, and considerations for its use. This integration is in open beta.

      Google DMI allows Phin to directly inject messages into Google Workspace inboxes, similar to how our Microsoft DMI integration works. This allows messages to bypass traditional firewalls and spam filters that would otherwise require manual allowlisting.

      Connect Phin's Google DMI Integration

      In order for our integration to connect to your tenant we need to allow the connection via Domain Wide Delegation. Then we can turn on the integration in the Phin portal. This allows our integration to use the Google APIs to create messages in user inboxes directly.

      Required Permissions to Connect

      In order to setup Google DMI you must have a super admin role to setup Domain Wide Delegation. The permissions we require are listed below, but only a super admin can view the required pages. You can read more about connecting APIs to Google Workspace here.

      Grant Domain Wide Delegation

      To enable Google DMI you will need to add our integration's client ID and respective scopes to your Google Workspace Admin console.

      1. Go to your Google Workspace Admin page.
      2. On the admin page, select Security.
      3. Click Overview.
      4. Select API Controls.
      5. Under the Domain Wide Delegation section, click Manage Domain Wide Delegation.
      6. Click the Add New button in the table's toolbar.
      7. For the Client ID field input "113120203488986354688".
      8. For OAuth Scopes add "https://www.googleapis.com/auth/gmail.insert".
      9. Click Authorize and save your changes.

      Enable Phin's Google DMI Integration

      Once you have granted our API the required permissions in Google Workspace, you can now enable the integration in Phin's admin portal.

      1. Navigate to the integration page using the sidebar at the company level.
      2. Click the Google DMI tile.
      3. Click the Connect to Google button
      4. A section will appear after connecting to verify your integration. Input an email in your workspace to send a test email.
      5. Once the test email successfully sends, your integration is fully setup!

      Enable a Custom Email Banner

      In some tenant configurations, you may have an "external sender" warning banner applied to all messages coming from outside your organization. Normally DMI messages lack this banner as they technically come from within your organization (via API). You can enable a custom banner to be applied via Google DMI to mimic this behavior for phishing and other message types. To enable this follow the steps below:

      1. Navigate to the Google DMI integration page.
      2. Under the Email Banner Settings enable one or both of the toggles.
      3. Input your banner text or HTML to be added to outgoing messages.
      4. Select Save Changes to apply your settings.

      Once these settings are saved you should start seeing your banner applied to enabled message types going forward. You can send a test message from the section above to verify your banner looks as you would expect.