Connecting Gmail

Vanta CRM can send and receive on your real Gmail address. This makes replies thread naturally and keeps follow-ups tied to your domain reputation. Here’s how the connection works and what we’re asking for.

How to connect

  1. Open Settings → Integrations → Gmail.
  2. Click Connect Gmail. You’ll be redirected to Google’s consent screen.
  3. Approve the scopes listed below. Google may show a warning that Vanta CRM is “not verified” until our verification review is complete — you can still click Advanced → Go to vantacrm.com.
  4. You’re back in Vanta CRM, connected. We start watching for new messages on your account within a few seconds.

What scopes we ask for

The exact scope list lives in src/lib/google/oauth.ts and we keep this page in sync with it:

  • gmail.send — send messages on your behalf. Used for follow-ups composed in Vanta CRM. We never send without your confirmation in the compose UI.
  • gmail.readonly — read messages tied to your contacts so replies thread into the CRM timeline. We only ingest messages whose To/From matches a contact or lead in your tenant; unrelated mail is ignored. We do not modify, label, or mark messages in your inbox — the scope is strictly read-only.
  • calendar.readonly — read your calendar events. This powers upcoming meeting context on the contact timeline (feature in development); the scope is requested today so we don’t have to re-prompt for consent when it ships.
  • userinfo.email + userinfo.profile — identify which user authorized the connection. The authorized user’s email address is used as the From address.
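
To check that a grant carries exactly the scopes listed above, compare the space-delimited scope string Google returns (in the token response or from its tokeninfo endpoint) against this list. The following is an added example, not code from src/lib/google/oauth.ts; the names auditScopes, DOCUMENTED, ALIASES and the sample grant are hypothetical and constructed for illustration.

```typescript
// Added example: audit a Google grant against the scopes documented on this page.
const PREFIX = "https://www.googleapis.com/auth/";

// The five scopes this page lists, expanded to full Google scope URLs.
const DOCUMENTED = new Set<string>(
  ["gmail.send", "gmail.readonly", "calendar.readonly", "userinfo.email", "userinfo.profile"]
    .map((s) => PREFIX + s),
);

// Short aliases Google accepts for the two identity scopes.
const ALIASES = new Map<string, string>([
  ["email", PREFIX + "userinfo.email"],
  ["profile", PREFIX + "userinfo.profile"],
]);

interface ScopeAudit {
  ok: boolean;          // true only when granted == documented
  unexpected: string[]; // granted but not documented on this page
  missing: string[];    // documented here but absent from the grant
}

// scopeField: the space-delimited `scope` value of a token or tokeninfo response.
function auditScopes(scopeField: string): ScopeAudit {
  const granted = new Set<string>(
    scopeField
      .split(/\s+/)
      .filter((s) => s.length > 0 && s !== "openid") // openid grants no API access
      .map((s) => ALIASES.get(s) ?? s),
  );
  const unexpected = Array.from(granted).filter((s) => !DOCUMENTED.has(s)).sort();
  const missing = Array.from(DOCUMENTED).filter((s) => !granted.has(s)).sort();
  return { ok: unexpected.length === 0 && missing.length === 0, unexpected, missing };
}

// Constructed sample: a grant that adds gmail.modify (write access, not listed
// on this page) and lacks calendar.readonly.
const SAMPLE_OVERBROAD = [
  "openid",
  "email",
  "profile",
  PREFIX + "gmail.send",
  PREFIX + "gmail.readonly",
  PREFIX + "gmail.modify",
].join(" ");

console.log(auditScopes(SAMPLE_OVERBROAD));
```

A non-empty unexpected list means the grant is broader than this page describes and should be reviewed before the connection is kept.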

What we do with your mail

  • Sent messages are routed through Google’s SMTP as you, with your domain’s DKIM signature.
  • Inbound replies matching a CRM contact are pulled via the Gmail History API and logged on the contact’s timeline. We store subject, body (HTML + text), recipients, and attachments. We do not scan, summarize, or send any of this to third parties beyond what AI features explicitly invoke (see privacy).
  • Unrelated mail — messages with no matching contact — is not ingested. We don’t store, index, or see it.

How to disconnect

  1. In Vanta CRM: Settings → Integrations → Gmail → Disconnect. This deletes the stored refresh token on our side; we lose all access immediately.
  2. On Google: visit myaccount.google.com/permissions, find Vanta CRM, and revoke. This belt-and-suspenders step ensures the grant is gone from your account history too.

After disconnect, previously-ingested messages on contact timelines stay in Vanta CRM (they’re part of your CRM history). New messages stop syncing. You can re-connect at any time.

Troubleshooting

  • “Connection invalid” in Settings → Integrations. Your Google password changed, 2-step verification was reset, or the token expired during a long idle period. Click Reconnect.
  • Sent emails not threading. Make sure you’re composing the follow-up from the same contact whose original message you replied to. New threads start fresh.
  • Replies not appearing. They arrive on the next Gmail push notification (usually within seconds). If they don’t after a minute, the watch subscription may have expired — reconnect to renew.

If something else breaks, send a screenshot via contact.