Project Description

📖 2 mins read
Last year, Google launched app access control to help all G Suite and Cloud Identity customers control access to G Suite data via OAuth 2.0 by third-party and domain-owned apps. Now, Google is improving it by allowing admins to block apps from accessing any OAuth 2.0 scopes. This makes it easy for customers to quickly restrict apps that are deemed to be high-risk or compromised.
If an app is blocked, it will not be able to access any data from Google services. It will be blocked whether the app is on iOS, Android, or the web. If users try to authorize the app, they’ll see an authorization error message. Admins can customize this error message if they choose.

Who’s impacted

Admins

Why you’d use it

G Suite has a robust developer ecosystem, with thousands of apps available via the G Suite Marketplace and directly to customers, and a rich API framework enabling customers to develop custom apps. Not all apps, however, conform to every enterprise customer’s security policy, so G Suite customers and partners value controls to manage third-party apps accessing G Suite data.
Previously, admins could trust or limit access by specific apps. Now, Google is streamlining this to make it easier to manage potentially thousands of apps, and to help you to more quickly block apps when needed. By adding an option to block an app, you can quickly and efficiently protect data when an app is compromised or high-risk.
Block apps from accessing G Suite data with app access control 1
You can now block app access to OAuth 2.0 scopes via the Admin console. 
 
Block apps from accessing G Suite data with app access control 2
Apps can now be trusted, limited, or blocked. 

Getting started

Rollout pace

Availability

  • Available to G Suite Basic, G Suite Business, G Suite Enterprise, G Suite for Education, G Suite Enterprise for Education, and G Suite for Nonprofits customers
  • Not available to G Suite Essentials and G Suite Enterprise Essentials customers
Thanks for sharing and spreading the word!