Authorization
Authorization
Some applications require explicit Admin authorization before use with an enterprise. The steps an Admin needs to take are dependent on the developer-selected authentication method and enabled enterprise settings.
Authentication methods
The following authentication methods always require explicit Admin authorization:
These authentication methods automatically generate a Service Account. With the right scopes enabled, a Service Account can perform many Admin actions, thus requiring Admin authorization before use.
OAuth 2.0 and App Token apps may also require explicit Admin authorization based on enabled enterprise settings.
Enterprise settings
Subsequent steps are required if any of the following enterprise settings are enabled:
- Disable published third party apps by default
- Disable unpublished apps by default
- Require manual Admin authorization for Limited Access Apps
These settings can be found by navigating to:
Admin Console > Integrations > Platform Apps Manager > Platform Apps Settings button.
Required actions
To see what steps an Admin must complete for a given app, review the following scenarios.
Disable published third party apps by default:
| Authentication Method | Enabled | Disabled |
|---|---|---|
| OAuth 2.0 | Set to available in individual app controls | Ready for use |
| Server Authentication (with JWT) | N/A | N/A |
| Server Authentication (client credentials) | N/A | N/A |
| App Token Authentication | N/A | N/A |
Disable unpublished apps by default:
| Authentication Method | Enabled | Disabled |
|---|---|---|
| OAuth 2.0 | Enable in Integrations > Platform Apps Manager > User Authentication Apps > Select Platform App > Use More menu to enable the app. | Ready for use |
| Server Authentication (with JWT) | Authorize and enable in Integrations > Platform Apps Manager > Server Authentication Apps Select Platform App > Use More menu to authorize the app. | Authorize in Integrations > Platform Apps Manager > Server Authentication Apps > Select Platform App > Use More menu to authorize the app. |
| Server Authentication (client credentials) | Authorize and enable in Integrations > Platform Apps Manager > Server Authentication Apps > Select Platform App > Use More menu to authorize the app. | Authorize in Integrations > Platform Apps Manager > Server Authentication Apps > Select Platform App > Use More menu to enable the app. |
| App Token Authentication | Authorize and enable in Integrations > Platform Apps Manager > Server Authentication Apps > Server Authentication Apps > Select Platform App > Use More menu to enable the app. | Ready for use |
Require manual Admin authorization for Limited Access Apps:
| Authentication Method | Enabled | Disabled |
|---|---|---|
| OAuth 2.0 | N/A | N/A |
| Server Authentication (with JWT) | N/A | N/A |
| Server Authentication (client credentials) | N/A | N/A |
| App Token Authentication | Authorize in Integrations > Platform Apps Manager > Server Authentication Apps Select Platform App > Use More menu to authorize the app. | Automatically authorized and enabled upon creation |