Drift Email abides by the principle of least privilege. We are only authorized for the bare minimum access required to continuously read emails from a specific inbox, in order to sync data in real time.
Access is granted through Google’s API via standard OAuth2 authorization. Once you've connected an inbox, you can verify this configuration by finding Drift Email in your connected apps settings in your Google account.
These permissions apply to Drift Email’s management of email replies only. If you’re an Email Bots user, see “Email Bots” for additional required access.
For email reply management, Drift Email needs permission to:
- View your email messages
- Search your email messages
- View your settings (eg. filters and labels)
More detail on how these permissions are granted to Drift Email:
- This allows us to access a profile, so we can identify the inbox being connected and associate it with the correct Drift Email account. This is enabled through Google’s OAuth2 authorization (more info here).
- Offline access
- This enables us to pull email replies from your connected inboxes when you are not actively logged into the Drift Email app. This is enabled through Google’s OAuth2 authorization (more info here).
- This scope gives us read-only access to the emails in the connected inbox.
For more specific information, see Google’s resource on API scopes.