Google OAuth Testing Instructions for Keepli

For Google Verification Team

This page provides step-by-step instructions for testing Keepli's OAuth integration and scope usage.

Overview

Keepli is a Google Workspace security compliance tool that helps organizations identify security risks in their Google Drive files and user accounts.

Testing Instructions

Step 1: Access the Application

  1. Navigate to the application URL: https://trykeepli.com
  2. You will see the homepage with a "Scan now — 2 minutes" button
Keepli Homepage

Step 2: OAuth Consent Process

  1. Click "Scan now — 2 minutes" button
  2. You will be redirected to Google OAuth consent screen
  3. Required Scopes to Grant:

Required OAuth Scopes:

  • openid - Basic authentication
  • email - Access to email address
  • profile - Access to basic profile information
  • https://www.googleapis.com/auth/admin.directory.user.readonly - Read user directory information
  • https://www.googleapis.com/auth/drive.metadata.readonly - Read file metadata
Google OAuth Consent Screen

Step 3: Admin Account Requirements

⚠️ IMPORTANT:

You must use a Google Workspace admin account for testing because:

  • The app requires admin privileges to access user directory information
  • The app needs to check 2FA status across all users
  • The app needs to analyze file sharing permissions across the entire domain

Step 4: After OAuth Consent

  1. After granting consent, you'll be redirected to /dashboard
  2. The app will automatically:
    • Check if your account has admin privileges
    • Fetch your workspace information
    • Display security dashboard with tabs for:
      • User Management: List of all users in your workspace
      • Security & 2FA: Users without 2FA enabled
      • Files: File sharing analysis

Step 5: Testing Scope Usage

Testing admin.directory.user.readonly scope:

  1. Go to "User Management" tab
  2. You should see a list of users from your workspace
  3. Go to "Security & 2FA" tab
  4. Click "Run Security Scan"
  5. The app will fetch user data including 2FA status
User Management and Security Dashboard

Testing drive.metadata.readonly scope:

  1. Go to "Files" tab
  2. Click "Run File Security Scan"
  3. The app will analyze file sharing permissions
  4. You'll see files with risky sharing settings
File Security Analysis

Step 6: Expected Results

  • User Directory Data: List of users, their 2FA status, admin status, last login times
  • File Metadata: File names, owners, sharing permissions (NOT file content)
  • Security Reports: Analysis of security risks in your workspace

Test Account Requirements

For Google Verification Team:

  1. Account Type: Google Workspace admin account
  2. 2FA: Can be enabled or disabled (app will detect this)
  3. Permissions: Must have admin access to the workspace
  4. Domain: Any valid Google Workspace domain

Test Data Available:

  • User directory information (names, emails, 2FA status)
  • File sharing analysis (permissions, owners, visibility)
  • Security compliance reports

Troubleshooting

If OAuth Consent Fails:

  1. Ensure you're using a Google Workspace admin account
  2. Check that the workspace domain is correct
  3. Verify the account has necessary permissions

If Admin Check Fails:

  1. The account must be a Google Workspace administrator
  2. The domain must be a valid Google Workspace domain
  3. The account must have access to the Admin Console

If Scope Usage is Not Visible:

  1. Check the browser console for any errors
  2. Ensure all required scopes were granted during OAuth
  3. Verify the account has admin privileges

Contact Information

Additional Notes

Last updated: 10/30/2025

This testing guide is specifically designed for Google OAuth verification and demonstrates Keepli's compliance with Google's API usage requirements.