Google Drive read connector
The Google Drive connector lets an agent read one file that a user explicitly selects in Google Picker. It does not receive broad access to the user's Drive, and the OAuth token and file content stay in Axtary's local enforcement plane.
Status: live. This connector is verified end to end against real Google Drive with a
drive.file-scoped OAuth client: the one file you pick reads back within its byte cap, a file you did not pick is refused — by Axtary's policy allowlist and again by Google itself (isAppAuthorized=false) — and the exported ledger verifies with no OAuth tokens or file content inside it.
What an agent can do
| Action | Scope | Default treatment |
|---|---|---|
drive.files.read | one exact drive:file:<fileId> resource | denied until the file id is policy-allowlisted |
Axtary requests only Google's
https://www.googleapis.com/auth/drive.file scope. During connection, Google
Picker asks the user to choose one file and returns that file id with the OAuth
callback. Axtary stores the token locally and keeps the selected id as
non-secret connection metadata.
Before content is downloaded, the adapter reads the file's metadata and
requires Google to report isAppAuthorized=true. An arbitrary file id that was
not selected for this app fails closed.
Connect it
In Google Cloud, enable the Drive API and Picker API, then create an
OAuth client. The Picker's trigger_onepick flow needs a custom HTTPS redirect,
which only a Web application client can register (a Desktop client allows
only localhost) — and a Web client is confidential, so it has a client
secret you must supply alongside the client id. Register a tunnel URL (e.g.
ngrok or cloudflared) that forwards to Axtary's local callback listener as an
Authorized redirect URI, and add your Google account as a test user.
export AXTARY_DRIVE_CLIENT_ID="...apps.googleusercontent.com"
export AXTARY_DRIVE_CLIENT_SECRET="..." # required: Web-app clients are confidential
axtary connect drive \
--redirect-uri https://your-tunnel.example/callback \
--redirect-port 7878
The browser request uses drive.file only, prompt=consent, and
trigger_onepick=true. Select one Google Doc or supported textual file. The
token is stored in the local credential broker (OS keychain when it can store
and read back the secret, otherwise the 0600 file — both keep the token off
the agent and out of the ledger).
Inspect non-secret connection metadata:
axtary connections --json
Copy the returned selectedFileId into the policy allowlist:
adapters:
drive:
mode: rest
tokenEnv: AXTARY_DRIVE_ACCESS_TOKEN # optional env fallback
maxReadBytes: 100000
allowedMimeTypes:
- application/vnd.google-apps.document
- text/plain
- text/markdown
- text/html
- text/csv
- application/json
- application/xml
policy:
drive:
reads:
allowedFileIds:
- YOUR_PICKED_FILE_ID
maxReadBytes: 100000
The broker credential takes precedence over tokenEnv. The selected file id is
not authority by itself: policy must independently allow the same id, and the
normalized resource must be exactly drive:file:<fileId>.
Check and run
The local smoke check reads selected-file metadata only; it never downloads the file:
axtary doctor connectors --config examples/axtary.drive.yml
axtary smoke --config examples/axtary.drive.yml
Run the governed read:
axtary run workflow drive-read --real \
--config examples/axtary.drive.yml \
--file-id YOUR_PICKED_FILE_ID \
--max-bytes 100000
If --file-id is omitted, Axtary uses the id captured from the most recent
axtary connect drive Picker flow.
Google Docs export as bounded plain text. Supported textual blob files download through the Drive API. Unsupported MIME types or content above the configured byte cap fail closed.
What the ledger records
The authorization record contains the file id, exact resource, drive.file
scope, and byte cap. The execution outcome may add the provider-returned title,
MIME type, URL, isAppAuthorized state, and returned byte count.
The ledger, attestation export, hosted dashboard, and CLI diagnostics do not contain:
- access or refresh tokens;
- the file body;
- authorization headers.
Use axtary attest-ledger followed by axtary verify-export to verify the
result independently.