Skip to main content
Glama

Google Calendar and Meet MCP Server

by INSIDE-HAIR
OverviewInspectNewSchemaRelated ServersScore
JavaScript
Hybrid
1
  • Apple
  • Linux
permissions-matrix.mdā€¢11.3 kB
# šŸ” Permissions Matrix - Google Meet MCP Server ## šŸ“‹ Overview This comprehensive permissions matrix defines what actions are available to different user roles and under what conditions. Use this as a reference for implementing role-based access control and understanding the security model of the Google Meet MCP Server. ## šŸŽÆ User Role Definitions ### **Executive (C-Level, VP+)** - **Scope**: Company-wide access with minimal restrictions - **Business Need**: Strategic oversight, company-wide coordination - **Security Level**: Highest trust level with audit trails ### **Manager (Director, Team Lead)** - **Scope**: Team/department-level access with some cross-team capabilities - **Business Need**: Team coordination, resource management - **Security Level**: High trust with team-focused permissions ### **Senior Individual Contributor (Senior Engineer, Principal Consultant)** - **Scope**: Extended personal access with limited team capabilities - **Business Need**: Technical leadership, cross-team collaboration - **Security Level**: Medium-high trust with specialized permissions ### **Individual Contributor (Engineer, Analyst, Coordinator)** - **Scope**: Personal access with basic team participation - **Business Need**: Personal productivity, team participation - **Security Level**: Standard trust with personal focus ### **External (Contractor, Client, Partner)** - **Scope**: Limited access to specific functions only - **Business Need**: Collaboration on specific projects/meetings - **Security Level**: Low trust with restricted access ## šŸ“… Calendar API v3 Permissions ### **calendar_v3_list_calendars** | Role | Access | Scope | Notes | |------|--------|-------|-------| | Executive | āœ… Full | All visible calendars | Can see shared/delegated calendars | | Manager | āœ… Full | Own + team calendars | Limited to managed teams | | Senior IC | āœ… Full | Own + shared calendars | Can see calendars shared with them | | IC | āœ… Full | Own + shared calendars | Personal and explicitly shared only | | External | āŒ None | - | Must use personal Google account | ### **calendar_v3_create_event** | Role | Basic Events | With Meet | External Attendees | Company-wide | Recording | |------|-------------|-----------|-------------------|--------------|-----------| | Executive | āœ… | āœ… | āœ… | āœ… | āœ… | | Manager | āœ… | āœ… | āœ… (with approval) | āŒ | āœ… (team meetings) | | Senior IC | āœ… | āœ… | āœ… (with approval) | āŒ | āœ… (project meetings) | | IC | āœ… | āœ… | āš ļø (limited) | āŒ | āš ļø (with permission) | | External | āŒ | āŒ | āŒ | āŒ | āŒ | **Legend:** - āœ… = Full access - āš ļø = Conditional access (see notes) - āŒ = No access ### **calendar_v3_update_event** | Role | Own Events | Team Events | Company Events | External Events | |------|------------|-------------|----------------|-----------------| | Executive | āœ… | āœ… | āœ… | āœ… | | Manager | āœ… | āœ… (if organizer/co-host) | āš ļø (if invited as co-host) | āŒ | | Senior IC | āœ… | āš ļø (if co-host) | āŒ | āŒ | | IC | āœ… | āŒ | āŒ | āŒ | | External | āŒ | āŒ | āŒ | āŒ | ### **calendar_v3_delete_event** | Role | Own Events | Team Events | Company Events | |------|------------|-------------|----------------| | Executive | āœ… | āœ… | āœ… | | Manager | āœ… | āœ… (if organizer) | āŒ | | Senior IC | āœ… | āŒ | āŒ | | IC | āœ… | āŒ | āŒ | | External | āŒ | āŒ | āŒ | ### **calendar_v3_freebusy_query** | Role | Own Calendar | Team Calendars | Company Calendars | External Calendars | |------|-------------|----------------|-------------------|-------------------| | Executive | āœ… | āœ… | āœ… | āš ļø (if shared) | | Manager | āœ… | āœ… | āš ļø (if shared) | āŒ | | Senior IC | āœ… | āš ļø (if shared) | āŒ | āŒ | | IC | āœ… | āš ļø (if shared) | āŒ | āŒ | | External | āŒ | āŒ | āŒ | āŒ | ## šŸŽ„ Google Meet API v2 Permissions ### **meet_v2_create_space** | Role | Basic Space | Restricted Access | Recording Enabled | Transcription | Smart Notes | |------|-------------|-------------------|-------------------|---------------|-------------| | Executive | āœ… | āœ… | āœ… | āœ… | āœ… | | Manager | āœ… | āœ… | āœ… | āœ… | āš ļø (license required) | | Senior IC | āœ… | āš ļø (approval required) | āœ… | āœ… | āš ļø (license required) | | IC | āœ… | āŒ | āš ļø (approval required) | āœ… | āŒ | | External | āŒ | āŒ | āŒ | āŒ | āŒ | ### **meet_v2_update_space** | Role | Own Spaces | Team Spaces | Company Spaces | |------|------------|-------------|----------------| | Executive | āœ… | āœ… | āœ… | | Manager | āœ… | āœ… (if host) | āŒ | | Senior IC | āœ… | āš ļø (if co-host) | āŒ | | IC | āœ… | āŒ | āŒ | | External | āŒ | āŒ | āŒ | ### **meet_v2_end_active_conference** | Role | Own Meetings | Team Meetings | Company Meetings | |------|-------------|---------------|------------------| | Executive | āœ… | āœ… | āœ… | | Manager | āœ… | āœ… (if host) | āŒ | | Senior IC | āœ… | āš ļø (if co-host) | āŒ | | IC | āœ… | āŒ | āŒ | | External | āŒ | āŒ | āŒ | ### **Conference Records & Analytics** #### **meet_v2_list_conference_records** | Role | Own Meetings | Team Meetings | Company Meetings | Historical Data | |------|-------------|---------------|------------------|-----------------| | Executive | āœ… | āœ… | āœ… | āœ… (all accessible) | | Manager | āœ… | āœ… | āš ļø (if participant) | āš ļø (team only) | | Senior IC | āœ… | āš ļø (if participant) | āš ļø (if participant) | āŒ | | IC | āœ… | āš ļø (if participant) | āŒ | āŒ | | External | āŒ | āŒ | āŒ | āŒ | #### **Recordings & Transcripts Access** | Role | Own Recordings | Team Recordings | Company Recordings | Download Rights | |------|---------------|----------------|-------------------|-----------------| | Executive | āœ… | āœ… | āœ… | āœ… | | Manager | āœ… | āœ… (if host) | āš ļø (if participant) | āœ… | | Senior IC | āœ… | āš ļø (if participant) | āš ļø (if participant) | āš ļø (with approval) | | IC | āœ… | āš ļø (if participant) | āŒ | āŒ | | External | āŒ | āŒ | āŒ | āŒ | #### **Participant Data Access** | Role | Own Meetings | Team Meetings | Company Meetings | PII Access | |------|-------------|---------------|------------------|------------| | Executive | āœ… | āœ… | āœ… | āœ… | | Manager | āœ… | āœ… | āš ļø (aggregated only) | āš ļø (team only) | | Senior IC | āœ… | āš ļø (if host) | āŒ | āŒ | | IC | āœ… | āŒ | āŒ | āŒ | | External | āŒ | āŒ | āŒ | āŒ | ## šŸ”’ Security & Compliance Rules ### **Meeting Classification Permissions** #### **Public Meetings** - **Who can create**: All roles - **Access control**: OPEN or TRUSTED - **Recording**: Optional - **External participants**: Allowed - **Data retention**: Standard (1 year) #### **Internal Meetings** - **Who can create**: IC and above - **Access control**: TRUSTED required - **Recording**: Recommended - **External participants**: With approval - **Data retention**: Standard (1 year) #### **Confidential Meetings** - **Who can create**: Manager and above - **Access control**: RESTRICTED only - **Recording**: Mandatory (with consent) - **External participants**: Prohibited - **Data retention**: Extended (7 years) #### **Executive Meetings** - **Who can create**: Executive only - **Access control**: RESTRICTED only - **Recording**: At discretion - **External participants**: Prohibited - **Data retention**: Per legal requirements ### **Data Access & Retention Rules** #### **Personal Data** ```yaml Own Meeting Data: - Full access to all personal meeting records - Can download recordings and transcripts - Can delete personal meeting data - Full control over personal calendar Participant Data: - Can see who attended their meetings - Cannot access other's personal meeting patterns - Cannot see detailed engagement metrics of others - Must respect privacy in analytics ``` #### **Team Data** ```yaml Team Meeting Data (Managers): - Full access to team meeting records - Can analyze team meeting patterns - Can access team productivity metrics - Cannot share individual performance data Team Meeting Data (ICs): - Can access meetings they participated in - Cannot access team-level analytics - Cannot see other team members' individual patterns - Can see aggregated team statistics ``` #### **Company Data** ```yaml Company Meeting Data (Executives): - Full access to company meeting analytics - Can analyze cross-team patterns - Can access compliance and audit data - Can generate executive reports Company Meeting Data (Others): - Cannot access company-wide analytics - Cannot see other department's data - Cannot access executive meeting data - Limited to own team/participation data ``` ## āš ļø Conditional Access Rules ### **Approval Required Scenarios** #### **External Participant Approval** ```yaml Always Requires Approval: - Competitor employees - Government officials - Media representatives - Unverified external contacts Manager Approval Required: - Client meetings with recording - Vendor meetings with confidential data - Partner meetings with IP discussions Executive Approval Required: - Board-level external participants - Regulatory body meetings - Legal proceeding participants ``` #### **Recording Permission Approval** ```yaml Auto-Approved: - Manager recording team meetings - Executive recording any meetings - Training session recordings Approval Required: - IC recording meetings with external participants - Recording meetings with sensitive data - Recording one-on-one conversations Prohibited: - Recording HR discipline meetings - Recording legal privilege conversations - Recording without participant consent ``` ### **Time-Based Restrictions** #### **After-Hours Meetings** ```yaml Standard Hours: 9 AM - 5 PM Local Time Extended Hours: 7 AM - 8 PM Local Time After-Hours Rules: - Manager approval required for team meetings - Executive meetings exempt from restrictions - External meetings require justification - Recording automatic for audit purposes ``` #### **Holiday/Weekend Restrictions** ```yaml Weekend Meetings: - Emergency-only for IC level - Manager approval required - Executive meetings always allowed - Automatic premium feature enablement Holiday Meetings: - Executive approval required for all roles - Emergency escalation procedures apply - Additional compensation considerations - Enhanced audit logging ``` ## šŸšØ Escalation Triggers ### **Automatic Escalation to Admin** - User requests exceed role permissions - Security policy violations detected - Unusual meeting pattern alerts - Compliance requirement violations ### **Escalation to Google UI** - Advanced calendar delegation setup - Complex room/resource booking - Workspace-level policy configuration - Hardware device management ### **Escalation to Legal/HR** - Requests for sensitive meeting data - Compliance investigation requirements - Employee privacy concerns - Data retention policy questions --- **šŸŽÆ This permissions matrix should be reviewed quarterly and updated based on business needs, security requirements, and regulatory changes. All access decisions should be logged for audit purposes.**

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/INSIDE-HAIR/mcp-google-calendar-and-meet'

If you have feedback or need assistance with the MCP directory API, please join our Discord server