Who is this for?

For users who do not want to disable certain Google Workspace whitelisting features, this is an alternative route for sending phishing simulations by inserting the emails directly in an employee's inbox.

Important note: We are aware that the "email opened" statistic is not captured yet. We are working on improving the direct mail injection experience, but for now we recommend primarily reporting the failure rate.

Prerequisites:

Google Workspace Admin access and ability to access Domain-Wide Delegation

Integration steps in Google Workspace

Log in to your Google Workspace admin console.
Set Up Domain-Wide Delegation to Jericho's Direct Mail Injection Client:
- Go to "Security" > "API Controls" > "Manage Domain-Wide Delegation"
- Add a new Api client
  - Connect to the client id with 103403442276232723996
  - OAuth scopes: https://www.googleapis.com/auth/gmail.modify, https://www.googleapis.com/auth/gmail.insert
  - click authorize
NOTE: This authorization only covers one domain; if you are a multi-domain organization, repeat these steps for each domain.

Returning to app.jerichosecurity.com

Navigate to Workspace Settings
Scroll down to Direct Mail Injection settings
- Change the Direct Mail Injection Settings to Google DMI
Click Save changes
The page will refresh, now with an additional option to test your connection via a single email address.

Direct Mail Injection - Google Workspace

Who is this for?

Prerequisites:

Integration steps in Google Workspace

Returning to app.jerichosecurity.com