When an app needs access to a user’s G Suite data, such as Gmail or Google Drive files, the user is prompted to allow the app to access that data. Sometimes, this prompt can be confusing and alarming for users. As an administrator for your organization, you can authorize the app so your users don’t have to allow permission.
Before you begin
Publish the App Maker app to a deployment.
Step 1: Get your app’s client ID
- Open the app in App Maker and click Settings Deployments.
- Next to the deployment, click the Down arrow.
- Click View Logs to open the Google Cloud Platform Console in a new tab. Leave the Deployments tab open because you'll need the information later.
- In the Google Cloud Platform Console, click Menu APIs & ServicesCredentials.
- In the OAuth 2.0 client IDs table, in the Client ID column, click Copy to copy the Client ID value.
Step 2: Add your app as an authorized API client
Open a new browser window for the following steps.
From the Admin console Home page, go to Security API controls.
Under Domain wide delegation, click Manage Domain Wide Delegation.
On the Manage domain wide delegation page, click Add new.
Under Client ID, paste the value you copied earlier. Don’t paste the project name.
In App Maker, on the Deployments tab next to the OAuth scope, click Copy .
In the OAuth scopes field, paste the OAuth scope.
If you have multiple scopes, paste each scope in the OAuth scopes field and separate them with commas. Click Show all scopes to make sure you copy all of them.
- Click Authorize.
To make sure every scope appears, select the new client ID and click View details.
If they don't, click Edit, enter the missing scopes, and click Authorize. Note that you can't edit the client ID.
- If users are still prompted to review permissions, go back to the Google Admin console and confirm the client ID is correct and that all OAuth scopes are entered in a comma-separated list. If one OAuth scope is missing, users are prompted to review permissions for all OAuth scopes.