What permissions am I giving to Drafted when I connect Gmail?
Google Suite Integration Documentation
Drafted enables users to use Google Sign In to do one or more of the following
- Use Sign In with Google for secure login
- Connect Google Contacts to Drafted to enable Drafted to surface recommendations
- Connect GMail to Drafted to enable users to send email via their GMail account
Summary of Permission scopes
Drafted uses secure OAuth 2.0 as per Google specifications and is verified by Google. Full list of possible API scopes can be found here https://developers.google.com/identity/protocols/googlescopes
Following permissions are mandatory
- profile
Following permissions are conditional (separate consent required for each)
- contacts.readonly
- gmail.send
Why Drafted asks for these permissions
profile, email
These permissions gives Drafted access to the name and email address e.g “Vinayak Ranade, vinayak@drafted.us” for the current user. The email is always required for any SSO to verify identity.
contacts.readonly
This permission gives Drafted the ability to request a list of contacts from the user’s Google account. This is only requested after explicit affirmative consent from the user. Drafted uses this to build the network graph that powers suggestions for the user and the recruiters at the company. Typically this will include name and email address of the contact e.g “Vinayak Ranade, vinayak@drafted.us”
gmail.send
Typically only used by recruiters. If the user chooses to send email via Gmail, it helps the user have better email delivery rates by allowing Drafted to send their outreach emails through the user’s Gmail account. Any email sent in this way will appear in the user’s Sent folder in Gmail.