Visibility versus Authentication and Authorization: Service On/Off

You may have already noticed, but the controls to enable and disable individual apps in Google Apps are now all in one place on the domain Control Panel under Organization & users > Services.

Domain administrators were already able to use this tab to enable and disable the Core Google Apps suite. Now they can do the same for apps they’ve acquired from the Google Apps Marketplace. This replaces the old link labeled “Disable {app name}” in the Dashboard > {app name} > “App status” page.

App and Gadget Visibilty

This on/off switch controls app and gadget visibility. Users in suborganizations where a Marketplace App is ON will see that app in the universal navigation bar under “More”, and will see the app’s contextual gadgets in Gmail. Users where the App is OFF will not see these links or gadgets.

Your customers still configure all apps through the Dashboard tab, but now the Control Panel Services tab unifies how they enable and disable every app.

New Scoping by Suborganization

The unified controls also share an important new scoping capability: now a domain administrator can select a suborganization and control which Marketplace Apps are visible to that organizational unit, just like the Core Google Apps suite!

In the example below, the administrator has overridden the domain settings for four Marketplace Apps to make three new tools visible to just the “Engineering” suborganization and to hide one application.

Visibility versus Authentication and Authorization

As developers, you should note that for any valid Google Apps domain user who goes directly to your website, OpenID/Single Sign On will always authenticate them if their domain has OpenID enabled. This includes users who are in suborganizations where your app is OFF. That means this visibility toggle feature is not a substitute for checking that the users accessing your app have a valid license.

Similarly, the on/off switch does not affect the OAuth scopes your app has been granted when the domain admin installed your app — the admin only revokes those by explicitly revoking data access or by deleting your app. The control panel on/off switch is just a way for a domain administrator to control the visibility of apps and gadgets that would otherwise be site-wide.

Leave a Reply