Authorize unverified third-party apps
Google is working with app developers to make sure that third-party apps comply with Google privacy and security requirements. Third-party apps that haven't completed a verification process are "unverified" and might be subject to restrictions.
Which unverified third-party apps are subject to restrictions?
Unverified third-party apps that access Gmail data and have more than 100 users worldwide are subject to restrictions.
Currently, unverified third-party apps with fewer than 100 users worldwide, apps internal to your domain, and unverified third-party apps that access data for Google services other than Gmail aren't subject to restrictions.
What does this mean for my organization?
If your organization has users who currently run unverified third-party apps, those unverified apps will continue to work as expected. However, any new installations of unverified third-party apps that are subject to restrictions will be blocked—unless you indicate that the app is trusted.
Review your third-party apps
If you have unverified third-party apps
What about internal apps?
You can trust internal apps created in your organization automatically in the Google Admin console.
About trusted third-party apps
When you trust a third-party app, it will have access to some Google Workspace user data (OAuth2 scopes) that you have otherwise restricted. For example, if you have generally blocked access to Gmail OAuth2 scopes, apps on your allowlist will still have access to Gmail.