Direct Message Injection (DMI) Setup Guide for Google Workspace
The Direct Message Injection (DMI) feature (currently in Beta) allows phishing simulation emails to bypass traditional email filtering, delivering them directly to user inboxes without the need for whitelisting. This is achieved by creating a secure connection between your SoSafe account and your Google Workspace account.
Setting up DMI in Google Workspace
Step 1: Prerequisites
Required Admin role: Ensure you have a Google Workspace account with a super admin role to set up DMI. Refer to Google’s Control API access with domain-wide delegation for more details.
Limitations: The DMI connection does not support sending messages to alias email addresses.
Step 2: Authorize DMI in Google Workspace
Log into your Google Workspace Admin console at admin.google.com
Navigate to Security:
Go to Security (or More Controls at the bottom if you don’t see it).
Access API controls:
In security, click Overview, then select API Controls.
Enable domain wide delegation:
Under Domain wide delegation, click Manage domain wide delegation.
Click Add new.
Enter client ID and scopes:
In Client ID, enter: 105916117134231974568
In OAuth Scopes, enter: https://www.googleapis.com/auth/gmail.insert
Authorize:
Click the Authorize button to finalize.
Step 3: Activate Google DMI in SoSafe Manager
Log into your SoSafe Manager account.
Navigate to Integrations:
Go to Settings > Integrations
Enable Google DMI:
Find the Google DMI card and click Activate.
In the pop-up, enter your Gmail account email and click Send Test Email.
Verify connection:
Check your inbox to confirm receipt of the test email.
Once verified, check the Google DMI Connection box to enable Google DMI in your SoSafe Manager.
Disconnecting Google DMI
If you need to disable the DMI connection, follow these steps:
Log into your SoSafe Manager account.
Navigate to Integrations:
Go to Settings > Integrations.
Disable Google DMI:
Find the Google DMI card, click Edit, and uncheck the Google DMI Connection box.
Regenerate emails for active campaigns:
For active campaigns, trigger email regeneration in the manager to ensure proper delivery without DMI.