Hi.
I have already done the API but it looks did not work. 
The user can still get non-permitted documents as a search result.
The return from the API looks like it has no error though.
{"content_source_id":"<content-source-id>","external_user_id":"<the email of Google Drive>","external_user_properties":[{"attribute_name":"_elasticsearch_username","attribute_value":"<the Elasticsearch username>"}],"permissions":[]}
As you said the email of the Elasticsearch user and the email in Google Drive are the same.