Block apps from accessing G Suite data with app access control

What’s changing 

Last year, we launched app access control to help all G Suite and Cloud Identity customers control access to G Suite data via OAuth 2.0 by third-party and domain-owned apps. Now, we're improving it by allowing admins to block apps from accessing any OAuth 2.0 scopes. This makes it easy for customers to quickly restrict apps that are deemed to be high-risk or compromised. 

If an app is blocked, it will not be able to access any data from Google services. It will be blocked whether the app is on iOS, Android, or the web. If users try to authorize the app, they’ll see an authorization error message. Admins can customize this error message if they choose. 

Who’s impacted 


Why you’d use it 

G Suite has a robust developer ecosystem, with thousands of apps available via the G Suite Marketplace and directly to customers, and a rich API framework enabling customers to develop custom apps. Not all apps, however, conform to every enterprise customer’s security policy, so our customers and partners value controls to manage third-party apps accessing G Suite data. 

Previously, admins could trust or limit access by specific apps. Now, we’re streamlining this to make it easier to manage potentially thousands of apps, and to help you to more quickly block apps when needed. By adding an option to block an app, you can quickly and efficiently protect data when an app is compromised or high-risk.
You can now block app access to OAuth 2.0 scopes via the Admin console. 

Apps can now be trusted, limited, or blocked. 

Getting started 

Rollout pace 


  • Available to G Suite Basic, G Suite Business, G Suite Enterprise, G Suite for Education, G Suite Enterprise for Education, and G Suite for Nonprofits customers
  • Not available to G Suite Essentials and G Suite Enterprise Essentials customers