Manage App Maker in your organization

As a G Suite administrator, you have several tools to control and monitor App Maker. These include permissions, reports, and audit logs. You can also delete apps and their associated databases.

Manage app permissions

Control who can use App Maker

You can turn on App Maker for:

  • your entire organization
  • select organizational units
  • select access groups

From the Admin console, go to Appsand thenAdditional Google Servicesand thenApp Maker.

Control Drive sharing settings

App Maker project files are stored in the app owner's Drive. You can control how users share Drive files in your organization. From the Admin console, go to Appsand thenDrive & Docs.

Learn more about how to set file-sharing permissions.

Manage OAuth permissions

You can control the permissions that App Maker apps can request from users in your organization. From the Admin console, go to Securityand thenSettingsand thenAPI Permissions. We recommend you review the following settings:

  • Apps Script runtime–Select Enable to allow App Maker apps, add-ons, and Apps Script projects to request OAuth 2.0 scopes specific to the Apps Script environment. This setting applies to apps and scripts from inside and outside your organization. It doesn't apply to Apps Script projects that don't request scopes. It also doesn't apply to Apps Script projects that request scopes only in Google products.
  • Apps Script API–Select Enable to allow OAuth 2.0 clients to use the Apps Script API to manage projects.
  • Trust domain owned apps—Uncheck the box to allow whitelisted apps to skip authentication requests.

Learn more about how to whitelist connected apps.

Skip user OAuth prompts

You can whitelist App Maker apps so they don't request user permission to access user data.

View App Maker reports and related audit logs

As an admin with App Maker-App Maker Project Reports privileges, you can view a list of all App Maker projects in your organization and get details for each app:

  1. From the Admin console, go to Appsand thenAdditional Google Servicesand thenApp Maker.
  2. Click Additional resources.
  3. Click View list of all App Maker projects.
  4. (Optional) Click Add Add a Filter to narrow the list to a specific set of apps:
    • To filter by words in app titles, click Title and enter one or more words.
    • To filter by scope, click OAuth Scopes and enter a scope. Learn more about the scopes used by App Maker.
  5. Click an app to open its report. The report displays:
    • Project information–this section lists:
      • the app's creator and owner
      • date created
      • deployment status: previewed or deployed
      • description as entered by the app's author
      • last deployed date
      • last modified date
      • Project ID
    • Deployments–for each of the app's deployments, this section lists:
      • Deployment ID
      • Last deployment date
      • Google Cloud Project ID
      • OAuth client ID
      • Version–the app revision of the deployment.
      • OAuth scopes used
      • URL–click to open the app.
      • Execute as–indicates whether the app runs as the developer or end user. Learn more about an app's execution identity.
    • Project metrics
      • 7-day error rate
      • 7-day users
      • 7-day executions

To report a bug or request a feature related to the project report, you can create an issue.

View OAuth audit events

You can view OAuth token authorizations for specific OAuth client IDs, users, and scopes. From the Admin console, go to Reportsand thenAuditand thenToken.

Learn more about the OAuth token audit log.

View Drive audit logs

You can view activity by developers and other users who have permission to view or modify App Maker project files. From the Admin console, go to Reportsand thenAuditand thenDrive.

Learn more about the Drive audit log.

Delete App Maker apps and databases

If an app is no longer needed, the owner can delete it. A Google Cloud Platform (GCP) administrator or the owner of an external database can delete the app database.

Important: Remind app owners they must record an app's database key before they delete apps. The GCP admin needs this information to delete the correct Cloud SQL database.

Delete App Maker apps

As a G Suite admin, you can't delete App Maker apps owned by others. However, app developers can delete and export apps they own.

Delete App Maker databases

Data created by an app's users isn't deleted when a developer deletes the app. If that data is no longer needed, a GCP admin or the owner of an external database must delete the app's database.

Use caution when you delete databases or Cloud SQL instances used by App Maker. If you delete the wrong database, a deployed app might not work anymore.

Apps that use a Cloud SQL database

A GCP admin must delete the database key used by the app. Learn more about how to delete a Cloud SQL database.

Apps that use an external MySQL database

The owner of the database should refer to MySQL documentation for information about how to delete an app's database.

Was this helpful?
How can we improve it?