Accessing user data
These projects allow access to Google resources from a Qorus Integration Engine(R) application instance. The Qorus application instance communicates directly with the Google APIs.
The Qorus Google Access projects never receive your data or the permission to access your data.
When the cloud API is used for the authorization code flow, only anonymous information about the OAuth2 server used is stored; no customer-identifiable information is logged or stored on Qore Technologies' systems.
When the local server is used for the authorization flow, all data related to access to Google resources is stored on the local Qorus application instance.
Qorus Integration Engine(R) includes functionality (APIs and no-code integration objects) that you can execute in order to read or modify your own data. This can only happen after you provide a token, which requires that you authenticate yourself as a specific Google user and authorize these actions.
Qorus Integration Engine(R) can help you get a token by guiding you through the OAuth flow in the browser. There you must consent to allow the Qorus Google Access project to access data on your behalf. The OAuth consent screen will describe the scope of what is being authorized, e.g., it will name the target API(s) and whether you are authorizing “read only” or “read and write” access.
There are two ways to use these packages without authorizing a Qorus Google Access project: bring your own service account token or configure the package to use an OAuth client of your choice.
Overview of the scope requested by various Qorus Google Access projects and their rationale:
- Calendar Access (full: create, read, update, delete):
auth/calendar: This scope provides full access to all calendars and calendarLists associated with the user. This will allow Qorus Integration Engine(R) to create, read, update, and delete any and all information related to Google calendars and calendarLists, including calendars, events, and associated information.
Sharing user data
No user data is shared with Qore Technologies or any other servers.
Storing user data
These packages store credentials on the Qorus Integration Engine(R) application instance to enable access to Google APIs on your behalf. Be aware that authorizing a Qorus Integration Engine(R) instance to access Google data enables access to that data by any user that can access the Qorus Integration Engine(R) instance with appropriate permissions to access the Google REST connection created. Use caution when granting access to sensitive calendar information on an application instance shared with other users.
By default, OAuth tokens are stored against a Qorus connection.
Policies for authors of packages or other applications
Do not use client IDs or client secrets from Qorus Google Access projects in any external package or tool. Per the Google User Data Policy, your application must accurately represent itself when authenticating to Google API services.
Qorus Google Access projects are designed to work only with Qorus Integration Engine(R) and should never be used for any other purpose or in any other context.