Organizations can use approved and blocked app lists to control the apps that their users are allowed to sign in to.

Important: By default, the approved apps list is disabled for newly-registered organizations, meaning that its users can sign in to any app that is not block-listed. Intelligent Plant recommends enabling the approved apps list for full control over app access.

To view the app access overview page, click on the Configure app security for <Your Organization Name> link in the organization portal actions. The overview page displays a summary of the approved- and block-list status:

To enable the approved list, click on Enable Approved Apps List:

When the approved apps list is enabled, it can be disabled by clicking on Disable Approved Apps List.

When the safe list is enabled, click on Manage Approved Apps on the app security overview to open the approved list management page:

To add apps to the approved list, click on the Add Apps to List button. This will open the app browser, allowing you to page through the available apps and select the ones you want to add to the list:

Click on the Remove button next to a safe-listed app to remove it from the approved list.

You can restrict access to any approved app to specific organization groups and users using an access control list. To manage permissions for an approved app, click on Settings next to the list entry:

By default, when an app is added to the approved list, the All Users group is granted access permissions to the app. Existing permissions can be removed by clicking on the Remove button next to the entry.

Grant permission to a group by clicking on the Add Groups button. Similarly, permissions for individual users can be granted by clicking on the Add Users button. After saving changes entries will be added for the selected users or groups:

Note that multiple access control list entries can apply to the same user (for example, if the user is a member of multiple groups, and all of those groups have been granted access). A user is allowed to sign into an approved app if any access control list entry grants them access.

Once you have granted access to a user or group, you can also pre-select data components that the user or group can use with the app. See below for details.

You can pre-select the data components that a user or group can use with an approved app. Pre-selecting data components means that users do not have to select the component themselves when signing into the app or when managing data access permissions on the My Apps page. This can speed up your onboarding process and ensure that users always have access to the data components that they need for their workflows.

To get started, click on the Manage Data Access button next to the access control list entry for the user or group. This will open the data component browser for the user or group:

Note that only data components that the user or group has permission to access are displayed. Permissions are managed on-premises using App Store Connect.

When signing into an app or viewing the My Apps page, pre-selected data components are automatically selected and cannot be unselected:

If multiple access control list entries apply to the same user, all pre-selected data components will be automatically available to the user when they sign into the app. For example, if you pre-select data components for your “All Users” group and then add a separate access control list entry for a specific user and assign additional data components to the user, the user will have access to pre-selected data components from both entries.

From the app access overview page, click on Manage Blocked Apps to open the block list management page:

Adding an app to the block list will immediately prevent all users in the organization from using the app, even if it has been added to the approved list.

To block-list an app, click on Add Apps to List. This will open the app browser, allowing you to page through the available apps and select the ones you want to add to the block-list:

Click Save Changes to update the block list:

Click on the Remove button next to a blocked app to remove it from the block list.