Google Workspace

Live

SERVICE ACCOUNT

ENTERPRISE

Productivity

Every user, group, and admin policy your organization manages lives in Google Workspace. Google Workspace DWD MCP gives your agent domain-wide authenticated access scoped to the admin who configured it.

  • Acts as the user: Access and write actions stay tied to the Google Workspace (DWD) account that authorized the agent.
  • Credentials stay vaulted: AES-256, resolved at request time, never in LLM context.
  • Scoped before every call: User permissions enforced. 90-day audit trail.
Google Workspace
agent · Acme Q3
Run
List all users in the engineering org unit who have been suspended in the last 30 days.
S
gws_users_list
84ms
Workspace admin agent
4 suspended accounts in Engineering. dev-contractor-01 (Oct 28, offboarding), test-user-sandbox (Oct 25, cleanup), intern-2024-fall (Oct 15, end of contract), external-vendor-api (Oct 10, revoked).
Sources: Engineering OU, last 30 days
googleworkspacedwdmcp
4 users
18:29
Message Claude...

Tools your workspace admin agent reaches for on Google Workspace (DWD), scoped per user.

CALL ANY TOOL
List and manage users, groups, org units, and admin policies across the Google Workspace domain.
googledwd_append_values
Append Values
Append rows of data to a Google Sheets spreadsheet. Data is added after the last row with existing content in the specified range.
Parameters
Name
Type
Required
Description
range
string
Required
The A1 notation range to append data to (e.g. Sheet1!A1)
spreadsheet_id
string
Required
The ID of the spreadsheet to append data to
values
array
Required
2D array of values to append. Each inner array is a row.
insert_data_option
string
Optional
How the input data should be inserted. Options: INSERT_ROWS (inserts new rows), OVERWRITE (overwrites existing data). Default: OVERWRITE
value_input_option
string
Optional
How input data should be interpreted. Options: RAW (literal values), USER_ENTERED (as if typed in UI, parses formulas/dates). Default: USER_ENTERED
googledwd_clear_values
Clear Values
googledwd_complete_task
Complete Task
googledwd_copy_file
Copy File
googledwd_create_chat_message
Create Chat Message
googledwd_create_contact
Create Contact
googledwd_create_document
Create Document
googledwd_create_draft
Create Draft
googledwd_create_event
Create Event
googledwd_create_filter
Create Filter
googledwd_create_folder
Create Folder
googledwd_create_form
Create Form
googledwd_create_meet_space
Create Meet Space
googledwd_create_presentation
Create Presentation
googledwd_create_spreadsheet
Create Spreadsheet
googledwd_create_task
Create Task
googledwd_create_task_list
List create task
googledwd_create_vault_matter
Create Vault Matter
googledwd_delete_contact
Delete Contact
googledwd_delete_event
Delete Event
googledwd_delete_file
Delete File
googledwd_delete_task
Delete Task
googledwd_end_meet_conference
End Meet Conference
googledwd_fetch_mails
Fetch Mails
googledwd_get_admin_group
Get Admin Group
googledwd_get_admin_user
Get Admin User
googledwd_get_alert
Get Alert
googledwd_get_alert_metadata
Get Alert Metadata
googledwd_get_attachment_by_id
Get Attachment By Id
googledwd_get_chat_space
Get Chat Space

For more tools, view docs.

Build your Agent
Drop the toolkit in, point it at the user, and your workspace admin agent can use Google Workspace (DWD) from the first run.
Python · LlamaIndex
import { ScalekitClient } from "@scalekit-sdk/node";
import { DynamicStructuredTool } from "@langchain/core/tools";
import { createReactAgent } from "@langchain/langgraph/prebuilt";
import { z } from "zod";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["googleworkspacedwd"], toolNames: ["gws_users_list", "gws_user_get", "gws_groups_list"] },
pageSize: 100,
});

const lcTools = tools.map((t) => new DynamicStructuredTool({
name: t.tool.definition.name,
description: t.tool.definition.description,
schema: z.object({}).passthrough(),
func: async (args) => {
const { data } = await sk.tools.executeTool({
toolName: t.tool.definition.name,
identifier: "user_123",
params: args,
});
return JSON.stringify(data);
},
}));

const agent = createReactAgent({ llm, tools: lcTools });
import { ScalekitClient } from "@scalekit-sdk/node";
import OpenAI from "openai";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const openai = new OpenAI();

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["googleworkspacedwd"], toolNames: ["gws_users_list", "gws_user_get", "gws_groups_list"] },
pageSize: 100,
});

const llmTools = tools.map((t) => ({
type: "function",
function: {
name: t.tool.definition.name,
description: t.tool.definition.description,
parameters: t.tool.definition.input_schema,
},
}));

const resp = await openai.responses.create({
model: "gpt-4o", input: prompt, tools: llmTools,
});
import { ScalekitClient } from "@scalekit-sdk/node";
import Anthropic from "@anthropic-ai/sdk";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const anthropic = new Anthropic();

const { tools } = await sk.tools.listScopedTools("user_123", {
filter: { connectionNames: ["googleworkspacedwd"], toolNames: ["gws_users_list", "gws_user_get", "gws_groups_list"] },
pageSize: 100,
});

const llmTools = tools.map((t) => ({
name: t.tool.definition.name,
description: t.tool.definition.description,
input_schema: t.tool.definition.input_schema,
}));

const msg = await anthropic.messages.create({
model: "claude-sonnet-4-6", max_tokens: 1024,
tools: llmTools,
messages: [{ role: "user", content: prompt }],
});
import { Agent } from "@google/adk/agents";
import {
MCPToolset, StreamableHTTPConnectionParams,
} from "@google/adk/tools/mcp";

const toolset = new MCPToolset({
connectionParams: new StreamableHTTPConnectionParams({
url: "https://mcp.scalekit.com/googleworkspacedwd",
headers: { Authorization: `Bearer ${userScopedToken}` },
}),
});

const agent = new Agent({
name: "agent", model: "gemini-2.0-flash",
tools: await toolset.getTools(),
});
Try these prompts
Paste any prompt into your agent to start using Google Workspace (DWD).
Users & groups
Copy the prompt
Copied
List all users in [org unit].
Copy the prompt
Copied
Get profile for [email].
Copy the prompt
Copied
List groups in [domain].
Copy the prompt
Copied
Who are the members of [group email]?
Admin & security
Copy the prompt
Copied
List all suspended users.
Copy the prompt
Copied
Suspend user [email].
Copy the prompt
Copied
Find users with no 2FA enabled.
Copy the prompt
Copied
List all admin accounts in the domain.
Org & reporting
Copy the prompt
Copied
List all org units under [OU path].
Copy the prompt
Copied
How many users are in [domain]?
Copy the prompt
Copied
Which users were added this month?
Copy the prompt
Copied
Find users whose accounts expire this week.
SEE HOW AUTH WORKS
Users authorize Google Workspace (DWD) once. Their credentials stay vaulted, every call is checked, and every action is logged.
1
Authorize
Your user connects
Google Workspace
once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access
Who:
user ‘A’
when:
Once per user
access:
Limited to user
2
Store
Their
Google Workspace
token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection
vault:
encrypted
scope:
per-user
tokens:
auto-refreshed
3
Resolve
When your agent calls a
Google Workspace
tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs
speed:
~40ms
check:
before every call
seen by:
nobody
4
Audit
Every
Google Workspace
tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it
history:
90 days
export:
SIEM-ready
logged:
every call
Test other agents
Same per-user auth pattern across other workspace admin agents and MCP connectors. Working code, live demos, fork what fits.
SUPPORT
Support triage agent
Read Zendesk tickets, fetch runbooks from Notion, and route to the right Slack channel with a drafted response.
ENGINEERING
DevOps assistant agent
Triage GitHub incidents, open Linear tickets, and notify the on-call channel in Slack with context already attached.
Why Scalekit
Secure your agent's access. Connectors ship in minutes
Other connector libraries treat auth as a demo afterthought. Scalekit starts with user identity, scope enforcement, and audit.
01.
Shared tokens break per-user analytics
A shared token looks fine in a demo. In production every call looks like a service account. Scalekit resolves the real user credential so attribution, audit, and scope stay accurate.
// shared token
 audit → bot_service_account
 user_filter → broken

 // scalekit
 audit → user_abc
 scope → enforced ✓
02.
Authentication is not authorization
03.
Multi-tenancy is architectural
04.
Google Workspace (DWD) today. Others tomorrow.
“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”
Venu Madhav Kattagoni
Head of Engineering / Von
FAQs
Frequently Asked Questions
Does the agent access Google Workspace (DWD) as the user or as a shared key?
As the user. Each workspace member authorizes once and Scalekit resolves their credential at request time. Audit logs attribute every action to that user, not a shared service account.
Where is the Google Workspace (DWD) service account stored?
In Scalekit's managed AES-256 token vault, namespaced per tenant. Refresh is automatic. Revocation is a single dashboard action. Tokens never appear in prompts, logs, or LLM context.
Can I limit what the agent is allowed to do in Google Workspace (DWD)?
Yes. Pass a tool name filter to listScopedTools so the workspace admin agent only sees the subset you authorize. Pre-API-call scope checks block out-of-policy actions before the request reaches Google Workspace (DWD).
What happens when a user revokes Google Workspace (DWD) access?
The connection is invalidated on the next tool call. Subsequent requests for that user fail closed with a clear error. Other users in the tenant remain unaffected. The event is logged for audit.
How are domain-wide delegation scopes controlled?
Scopes are configured in Google Admin Console by your workspace admin. Scalekit only impersonates users within those granted scopes. No scope beyond what was configured at setup is ever called.
Start in your coding agent
Up and running in one command
Install the Scalekit skill in your editor of choice. Connector, auth, tools, prompt, all wired up
Claude Code REPL
/plugin marketplace add scalekit-inc/claude-code-authstack
/plugin install agentkit@scalekit-auth-stack
Cursor Code REPL
# ~/.cursor/mcp.json
{
""mcpServers"": {
""googleworkspacedwd"": {
""url"": ""https://mcp.scalekit.com/googleworkspacedwd"",
""headers"": { ""Authorization"": ""Bearer $SCALEKIT_TOKEN"" }
}
}
}
Codex Code REPL
# ~/.codex/config.toml
[mcp_servers.googleworkspacedwd]
url = ""https://mcp.scalekit.com/googleworkspacedwd""
auth_env = ""SCALEKIT_TOKEN""
Copilot Code REPL
# .vscode/mcp.json
{
""servers"": {
""googleworkspacedwd"": {
""url"": ""https://mcp.scalekit.com/googleworkspacedwd"",
""type"": ""http""
}
}
}