View Categories

How to set up pre-approval access for GAT Flow?

Unlock is a feature within GAT+ that allows Google Workspace admins to take different actions across their domain.

The Unlock functionality is required for:

  • Viewing content of Files and Emails
  • Changing ownership of Google Drive Files
  • Copying Google Drive folders and moving them to another user
  • Adding or removing users from Drive and Shared Drive files
  • Setting up email delegation to user accounts
  • Using the GAT Flow functionality to:
      • Onboard users into the domain
      • Offboard users from the domain
      • Modify users in the domain

The Unlock functionality requires each of the actions above to be approved by the Security Officer. This is designed as a security feature.

Note: To have access to GAT Flow you must have  GAT Unlock configured, this product requires a paid subscription.

What is pre-approved access in GAT Flow? #

Preapproval in Unlock allows the action chosen for Flow, Drive, or Email to be done without the need of the Security Officer’s approval for every request.

i.e.: Allowing Unlock to be used without approval by the Security officer.

The setting up of Pre-approval must be set up and approved by Security Officer

How to set up GAT Flow pre-approval in GAT+? #

Navigate to GAT+ > Configuration > Security Officer > Access permissions 

In Access Permissions click on the + button <- Click here to create new preapproved access

A new window will be displayed fill in the details required:

  • Authorized user – select the user who you want to set pre-approved access to
  • Type Flow, Drive, Email
  • Scope – User, Group, Org.Unit
  • Valid until – set the time until pre-approved access will be granted
  • Flow types – select the type of workflow
    • Onboarding
    • Offboarding
    • Modify

Click on Save 

Flow setup #

Navigate to Flow > Preapproved access > Create preapproved access

A new window will be displayed fill in the details required:

  • User – select the user who you want to set pre-approved access to
  • Scope type – User, Group, Org.Unit
  • Scope – enter the user/group/org.unit
  • Valid to – set the time until pre-approved access will be granted
  • Flow types – select the type of workflow
    • Onboarding
    • Offboarding
    • Modify

Click on Save 

Result #

The Pre-approved access will be granted to the selected user.

The Pre-approved access must be approved by the Security Officer.

Approval in Flow #

Approval in GAT+ #

Create workflow result #

When pre-approval in Flow is enabled, the Admin will receive pop-up notifications every time they are about to send the request.

The pop-up will show them that pre-approval is enabled and security officer is not required

When the Admin “Create workflow”, they will receive a pop-up message as below.

Event and Recurring workflow result #

When Event or Recurring workflow is used:

  • The Event and Recurring workflow needs to be approved separately from the Pre-approval
  • The “pre-approval” option must be selected

Edit preapproval #

Edit existing pre-approved access.

Navigate to Flow > Preapproved access

  • Click on the “pen” icon to edit existing preapproved access.
  • Click on the (x) to delete the preapproved access.

Navigate to GAT+ > Configuration > Security Officer > Access permissions 

Find the Preapproved access > click on the “eye” icon and edit the Flow types 

Video of setting up pre-approval in Flow

AI in Education

Insights from Industry Leaders

Join GAT Labs and industry leaders to explore how AI is improving learning, enhancing teaching, and securing the future of education. Don’t miss these exclusive sessions!

Session 2

April 2

13:00 EDT | 10:00 PDT | 17:00 GMT

This website uses cookies to ensure you get the best experience on our website