Whitelist App Maker apps

Turn off app permission reviews

When an app needs access to a user’s G Suite data, such as Gmail or Google Drive files, the user is prompted to allow the app to access that data. Sometimes, this prompt can be confusing and alarming for users. As an administrator for your organization, you can authorize the app so your users don’t have to allow permission.

Before you begin

Publish the App Maker app to a deployment.

Step 1: Get your app’s client ID

  1. Open the app in App Maker and click Settings Advanced settings and thenDeployments
  2. Next to the deployment, click the Down arrowDown Arrow.
  3. Click View Logs to open the Google Cloud Platform Console in a new tab. Leave the Deployments tab open because you'll need the information later.
  4. In the Google Cloud Platform Console, click Menu Menuand thenAPIs & Servicesand thenCredentials.
  5. In the OAuth 2.0 client IDs table, in the Client ID column, click Copy Copyto copy the Client ID value.

Step 2: Add your app as an authorized API client

Open a new browser window for the following steps.

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Security.

    To see Security on the Home page, you might have to click More controls at the bottom.

  3. Click Advanced Settingsand thenManage API client access.
  4. In the Authorized API clients column of the table, in the Client Name box, paste the Client ID value that you copied earlier. Don’t paste the project name.
  5. In App Maker, on the Deployments tab next to the OAuth scope, click Copy Copy
  6. In the Google Admin console, in the One or More API Scopes box, paste the OAuth scope. 
  7. If you have more than one scope, paste each scope in the One or More API Scopes box and separate the scopes with commas. If you have a lot of scopes, click Show all scopes to make sure you copy all of them.
  8. Click Authorize.
  9. If users are still prompted to review permissions, go back to the Google Admin console and confirm that the client ID is correct and that all OAuth scopes are entered in a comma-separated list. If one OAuth scope is missing, users are prompted to review permissions for all OAuth scopes.

Related topics

Was this helpful?
How can we improve it?