Exam Associate-Google-Workspace-Administrator Topic 5 Question 48 Discussion

Actual exam question for Google's Associate-Google-Workspace-Administrator exam
Question #: 48
Topic #: 5
Your company recently installed a free email marketing platform from the Google Workspace Marketplace. The marketing team is unable to access customer contact information or send emails through the platform. You need to identify the cause of the problem. What should you do first?

Suggested Answer: B Vote an answer

When a third-party application from the Google Workspace Marketplace is installed, it requests specific permissions (OAuth scopes) to access Google Workspace data and services. If the marketing team is unable to access customer contact information or send emails, the most likely cause is that the installed email marketing platform was not granted the necessary OAuth scopes for Contacts and Gmail during the installation or approval process.
Here's why other options are less likely to be the first step:
A . Verify that the email marketing platform's subscription is active and up-to-date. While important for continued use, a "free" platform from the Marketplace generally doesn't have a subscription that would prevent initial access to basic functions like contacts and sending emails unless it's a trial that expired, which isn't indicated as the primary problem. This would be a later troubleshooting step if scope issues are ruled out.
C . Confirm that the "Manage Third-Party App Access" setting in the Admin console is enabled. This setting controls whether users can install any third-party apps from the Marketplace. If it were disabled, the app likely wouldn't have been installed in the first place. If it was enabled and then disabled, the app would stop working, but the specific problem points to data access, not app disablement.
D . Use the security investigation tool to review Gmail logs. The security investigation tool is excellent for reviewing security events, but it's more for post-incident analysis or suspicious activity. In this scenario, the problem is a lack of functionality for a newly installed app, not a security breach or misconfiguration that would necessarily show up in Gmail logs immediately as an access issue for the app itself. The OAuth scopes are the more direct and initial point of failure.
Reference from Google Workspace Administrator:
Manage third-party app access to data: Google Workspace administrators can control which third-party apps can access their organization's data. This includes reviewing and managing OAuth API access for configured apps.
Reference:
Understanding OAuth scopes: When an application requests access to Google data, it does so by requesting specific "scopes." These scopes define the particular resources and operations that the application is allowed to perform. For an email marketing platform, scopes for https://www.googleapis.com/auth/contacts (or a more specific contact scope) and https://www.googleapis.com/auth/gmail.send (or a broader Gmail scope) would be crucial.
Controlling which third-party & internal apps can access Google Workspace data: This section in the Admin console specifically allows administrators to review "Configured apps" and check their "OAuth API access." This is where you would see the scopes granted to the email marketing platform.

by Tammy at Aug 15, 2025, 06:03 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10