OAuth Apps Whitelisting in Google Workspace
OAuth apps white listing is a security feature which improves data access control and provides phishing prevention for your organization data. It gives more visibility control into how third-party applications are using your data.
Purpose of OAuth apps white listing :
The OAuth apps white listing allows the admins to specifically select which third-party apps are allowed to access users’ G Suite data. Then the users can select the white listed app and grant authorized access to their G Suite apps data which prevents malicious apps access to users data.
OAuth apps white listing security controls and benefits for GW admins :
1. Admin will be able to know exactly which third-party apps are accessing their Google Workspace data
2. It will only allow access to trusted third-party apps with OAuth
3. It prevents unauthorized app installations and so the possible outcomes after installations of unauthorized apps are prevented
OAuth apps whitelisting configuration :
Please find the below given steps to implement the Whitelisting of OAuth Apps or Trusted Apps
1.Login to Google Admin Site as a user with Super Admin privileges
2.From the Admin console click on the Security icon
3.Click on API Permissions
4.Scroll down to the bottom of the list of apps and click on Manage Third Party App Access / the Trusted Apps link
5.Click Whitelist an App + icon
6.The Add App To Trusted List and an another window will open
7.In the Select App Type list, select either Android, IOS or Web applications option as per your apps type
8.If it is a Web application then it requires you to fill in the OAuth2 Client ID
9.find the relevant app to add to the whitelist and check the checkbox next to the app.Specify OAuth app client ID
10.Click Add button and the app will be OAuth Whitelisted
Once the OAuth apps whitelisting settings are enabled, access to third-party apps will be enforced and then the employees are automatically protected against unauthorized apps.
Official websites and blogs of Google