This article helps you add the Expel Phishing Button for Google Workspace.
Prerequisites
- This process must be completed by one of the organization’s Google Workspace administrators with the proper permissions.
Quick Links
- Install the Extension
- Configure the Extension for All Users
- Allowlist the Extension
- Enable Domain-Wide Delegation
Step 1: Install the Extension
- Have a Google Workspace administrator log in to https://admin.google.com/.
- From the Admin Console, select Devices.
- In the navigation pane of the Devices page, select Chrome > Apps & extensions > Users & browsers.
- In the lower right corner of the page, select the yellow + button and then select Add Chrome app or extension by ID.
- In the box that appears, enter the extension ID gpkcimdiphdhnenbncknfiakplflhmnc and select Save.
- Select the arrow next to the extension and choose Force install.
Step 2: Configure the Extension for All Users
- With the Expel Phishing extension selected, an option panel appears on the right. In that option panel, locate the Policy for extensions field.
- The Policy for extensions field expects a JSON block. Our custom JSON configuration accepts three parameters:
  - destinations_forward_attachment REQUIRED (array of strings) - Where the submitted phishing emails are forwarded as an attachment. Enter the Expel Phishing alias provided by the EM here.
  - destinations_forward_inline (array of strings) - Where submitted phishing emails are forwarded inline.
  - valid_domains REQUIRED (array of strings) - List of domains for which the button appears (for example, if gmail.com is included, users logging into personal Gmail accounts see the button).
  - custom_success_message (string) - Customized success message to show on submission of email to Expel Phishing.
  - move_to_trash (boolean) DEFAULT is true - If set to true, the button moves the original message to the trash folder upon submission. If set to false, the button leaves the original message in the user's inbox.
- Below are some example configurations, and we're happy to help build this with you if that's preferred. After you decide on the configuration, paste the JSON block into the Policy for extensions field.
Forward to Expel only
{
  "customConfig": {
    "Value": {
      "destinations_forward_attachment": ["alias@expel-phishing.io"],
      "valid_domains": ["company.com"],
      "custom_success_message": "Thank you for being vigilant! The security team is looking into this and will update you shortly."
    }
  }
}
Forward to both an internal distribution list and Expel
{
  "customConfig": {
    "Value": {
      "destinations_forward_attachment": [
        "phishingreport@company.com",
        "alias@expel-phishing.io"
      ],
      "valid_domains": ["company.com"]
    }
  }
}
Forward to both Expel as an attachment and an internal security team as inline
{
  "customConfig": {
    "Value": {
      "destinations_forward_attachment": ["alias@expel-phishing.io"],
      "destinations_forward_inline": ["security@company.com"],
      "valid_domains": ["company.com"]
    }
  }
}
Forward to both Expel and an internal security team and also show the button for users logging into personal Gmail accounts
{
  "customConfig": {
    "Value": {
      "destinations_forward_attachment": ["alias@expel-phishing.io", "security@company.com"],
      "valid_domains": ["company.com", "gmail.com"]
    }
  }
}
- Select SAVE to complete the configuration.
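A pre-paste check for the policy block from Step 2, added here as an example and not Expel's own tooling: it rejects curly quotes and malformed JSON, checks the required parameters and types listed above, and lists every forwarding address outside valid_domains so each external recipient can be confirmed as intended. The name check_policy and the sample block are constructed for illustration; treating parameters not listed above as warnings rather than errors is an assumption.

```python
import json

# Parameter names and types as listed in this article.
SCHEMA = {
    "destinations_forward_attachment": list,
    "destinations_forward_inline": list,
    "valid_domains": list,
    "custom_success_message": str,
    "move_to_trash": bool,
}
REQUIRED = ("destinations_forward_attachment", "valid_domains")
CURLY_QUOTES = "\u201c\u201d\u2018\u2019"

def check_policy(text):
    """Return (errors, warnings) for a 'Policy for extensions' JSON block."""
    if any(ch in text for ch in CURLY_QUOTES):
        return ["curly quotes found; JSON needs straight double quotes"], []
    try:
        value = json.loads(text)["customConfig"]["Value"]
    except (ValueError, KeyError, TypeError) as exc:
        return [f"no usable customConfig.Value object: {exc!r}"], []
    if not isinstance(value, dict):
        return ["customConfig.Value must be a JSON object"], []
    errors, warnings = [], []
    for key in REQUIRED:
        if not value.get(key):
            errors.append(f"missing or empty required parameter: {key}")
    for key, val in value.items():
        if key not in SCHEMA:  # assumption: probably a typo, so only warn
            warnings.append(f"parameter not listed in the article: {key}")
        elif not isinstance(val, SCHEMA[key]):
            errors.append(f"{key} must be of type {SCHEMA[key].__name__}")
        elif SCHEMA[key] is list and not all(isinstance(v, str) for v in val):
            errors.append(f"{key} must contain only strings")
    if errors:
        return errors, warnings
    # Reported mail leaves the organization via any address flagged here.
    domains = {d.lower() for d in value["valid_domains"]}
    for key in ("destinations_forward_attachment", "destinations_forward_inline"):
        for addr in value.get(key, []):
            if addr.rpartition("@")[2].lower() not in domains:
                warnings.append(f"{key} forwards outside valid_domains: {addr}")
    return errors, warnings

# Constructed sample: the attachment + inline example with straight quotes.
SAMPLE = """{"customConfig": {"Value": {
  "destinations_forward_attachment": ["alias@expel-phishing.io"],
  "destinations_forward_inline": ["security@company.com"],
  "valid_domains": ["company.com"]}}}"""
if __name__ == "__main__":
    print(check_policy(SAMPLE))
```

The Expel alias is expected to appear in the warnings; any other external address there deserves a second look before saving.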
Step 3: Allowlist the Extension
- Navigate back to the Google Workspace admin console at https://admin.google.com/.
- Scroll down and open App access control.
- Select MANAGE THIRD-PARTY APP ACCESS.
- In the Connected apps section, hover over Expel Phishing and select Change access.
- Choose Trusted: Can access all Google services and then select SAVE.
The Expel Phishing app is now listed as Trusted in the Connected apps view.
Step 4: Enable Domain-wide Delegation
- Go back to the Admin console and select Security.
- Scroll down and open App access control.
- Select MANAGE DOMAIN WIDE DELEGATION.
- Select Add new.
- Enter the following for the Client ID and the OAuth Scopes:
  Client ID: 528472867238-v8803num13j6691ue52qqm6tuoqpu9ns.apps.googleusercontent.com
  OAuth scopes: https://www.googleapis.com/auth/gmail.modify
- Select Authorize.