In this page

What Access Permissions Does Hiver Need To My Gmail/Google Account, And Why?

Deepanwita Updated by Deepanwita

Overview

This document gives an overview of all the Gmail API scopes used by Hiver and why are they needed. You can find the list of all Gmail API scopes supported by the Gmail API here.

Hiver provides shared mailbox functionality built on top of Gmail. Shared Mailboxes are a way to manage shared email ids like support@, info@ email ids very easily right from Gmail. When a new email comes to a shared mailbox, this email is shared with everyone who is part of the shared mailbox. From an implementation standpoint, Hiver uses the Gmail API to fetch an email from the source Gmail account and then push this email to all the recipients who are part of the shared mailbox. The section below describes how the following scopes are used by Hiver to provide the shared mailbox functionality.

Description of the scopes used

https://www.googleapis.com/auth/gmail.insert

To insert email into the Gmail accounts which are part of the Shared Mailbox. When an email needs to be copied to a Gmail account, insert is required.

https://www.googleapis.com/auth/gmail.labels

Hiver creates and manages a custom set of labels in Gmail to facilitate the sharing and browsing of emails within the Shared Mailbox for a user. Hiver uses a label based search to allow browsing of emails.

https://www.googleapis.com/auth/gmail.modify

To modify the labels (user labels and system labels) in an email or a conversation. This allows Hiver to move emails from one label to another and provide a workflow for the user. The system labels include SPAM, TRASH and INBOX. Hiver never trashes an email unless otherwise explicitly requested by the user. Hiver just removes the TRASH label.

https://www.googleapis.com/auth/gmail.readonly

To get the email headers and the email body. Hiver looks at the email headers to identify emails that need to be shared. If sharing is required, the email is downloaded as an encrypted blob on our server, then pushed into the Gmail accounts it needs to be shared with and then purged immediately from our server.

https://www.googleapis.com/auth/gmail.send

To send an automated response for the emails in the Hiver shared mailbox. Automated response is a Hiver Shared Mailbox feature which allows sending automatic replies.

https://www.googleapis.com/auth/gmail.settings.basic

To get, create & delete filters. These filters are created so that the emails skip certain user's mailbox so that the emails will be visible only under the labels created (for Hiver shared mailbox). Hiver also reads send-as settings for the users to check if they've enabled certain settings required for using Shared Mailbox.

https://mail.google.com/

Although this scope gives full access to Hiver, the primary reason Hiver needs this is to permanently delete email occasionally when the email threading in Gmail is not consistent across users in the Shared Mailbox. Hiver uses the API Users.messages: delete for this.

To elaborate this a little more, Hiver might need to reorganize how email messages in a thread (conversation) are clubbed together. This is a very important requirement for the Shared Mailbox functionality to work perfectly. An email thread in a shared mailbox should exactly look the same across all users in the shared mailbox. Gmail does not behave consistently with the email chaining when a reply comes to a thread and sometimes it clubs reply email messages to incorrect parent threads.

Hiver detects that a particular Gmail account has not clubbed the reply email message correctly, it permanently deletes the reply message from one thread and then pushes the message to the correct thread. Apart from this requirement, Hiver never permanently deletes any emails.

How did we do?

Is My Data Secure During Transfer Between Hiver’s Servers And Google’s Servers?

Contact