Controlling Application Discovery

AppSheet does not have an app store or any other environment for others to discover your apps. This is by design. You decide to tell others about your app by sharing an install link. On the other hand, your existing users can share the app install link with others as well. If someone decides to post your app's install link on Twitter, this could be a good thing or a bad thing for you! If an employee has access to the app and then leaves your company, they will continue to have the potential to launch the app. This is why you should always plan to secure your app. 

Requiring Authentication (Sign-In)

You can set the require user authentication option to control who can open and use your app.

You should require user authentication if any of the following are true:

  1. You need to restrict app access to particular people. Apps intended for members of a team or employees of a company usually need authentication.

  2. Your app uses confidential data. Apps that use personal, group, or company data that you do not want to share publicly need authentication.

  3. You need to customize the behavior of the app based on the specific user.

  4. You need per user Private tables.

  5. You need to maintain an audit trail of which users access your app.


To Require user authentication

  1. Open your app in the Editor.

  2. Go to the Security > Require Sign-In pane.

  3. Click the Require user authentication check box.

  4. Select an Authentication Provider from the dropdown.


You can choose from the following authentication providers:

  • Google

  • Dropbox

  • Box

  • Office365

  • Smartsheet

  • Salesforce

  • "Any provider"

Your app users must have an account with the authentication provider you choose. For example, anybody using Google Drive has a Google account. This applies to consumers with a email address but also many corporate accounts that are _hosted_ by Google. In fact, most corporate and consumer email accounts are hosted by one of the providers listed. Note that restricting the authentication provider applies to app users, but not other app editors. So, it is possible to collaborate with editors using other providers while still restricting normal app users.

If you choose "any provider", each of your app users must have an account with at least one of the providers supported. For example, one of your app users might have a Google account while another might have an Office365 account. 


Granting Application Access

Once you set Require user authentication and choose an authentication provider, you must explicitly grant application access before anyone can open your app, other than you.

Granting Access to Individual Users

When you have few users, it is easiest to grant access by entering individual email addresses.

To grant application access to individual users:

  1. Open your app in the Editor.

  2. Click Users to be taken to the Users pane.

  3. Enter one or more user email addresses separated by commas.

  4. If you would like the user to receive an invitation email with installation instructions, click the Send install link button at the bottom of the form. You can optionally customize the message by editing the Message to send text. If you would like to add them to the allow list without sending them an email, click the Don't Send Email button.

  5. Click either the Share App (when sending email) or the Add Users button (when not sending email). This will add the users to the allow list and optionally send the invitation email.

  6. You will be taken to the Share App pane so you can review the updated allow list.

  7. Click either Users or the Share App header to return to the Users pane.


Granting Access to an Entire User Domain
When you have many users, it is easiest to grant access by domain.

For example, you might create a domain like "" and assign email address like "" and "MaryJones@". You can learn more about creating and registering domain names and assigning email addresses by searching for "Google Apps for Work". Other authentication providers have similar offerings. 

By adding a domain name like "" to the allow list, you allow everyone having an email account in that domain to access your application. To add a domain:

  1. Open your app in the Editor.

  2. Click Users to be taken to the Users pane.


  4. Enter the domain name in Domain to Add.

  5. Click +Add domain to add the domain to the allow list.

For your safety, we prevent you from entering widely used domain names in the allow list, such as "".

The domains you add will appear in the allow list.

Granting Access to All Signed-In Users

You can enable the Allow all signed-in users option to grant access to all signed-in users. If you do this, you do not need to maintain an allow list.

Enable this option when you do not need to restrict access to a specific list of users but still want to access user-specific information like their email, or use personalization features like security filters or private tables.

Granting Access to Members of a Domain Group

If you work at a company, it is common to manage security groups at the domain level. For example, the company may have a domain group called 'Admins' for some subset of employees. AppSheet apps can be configured to provide access only to members of a specific domain group. This is an advanced feature associated with our corporate plans.


Did this answer your question?