Available on plans:
Free
Pro
Team
Enterprise
You can control which apps members of your Enterprise account have access to. There are two options:
Restricted apps: members can use any app on Zapier unless it’s on your restricted list.
Allowed apps: members can only use apps that are on your allowed list.
After you change access to an app, if any existing Zaps use apps that violate your settings:
- You'll see a notification at the time that the setting changes.
- Zapier will hold those Zap runs.
- You'll see a notification when you attempt to publish changes to your Zap.
- You must have an Enterprise account to manage access to apps.
- Only admins, super admins, and account owners can enable this feature.
- Your account must have one or more verified domains.
- Members of your account will still be able to connect their app accounts and use them to set up triggers and actions (including loading or creating test records), but they will not be able to publish and run the Zap.
- You can only enable either restricted apps or allowed apps settings. You cannot enable both.
Select your app access setting
To control which apps members of your account have access to, you must enable either the restricted apps or allowed apps setting. You cannot enable both.
By default, your account has the restricted apps setting enabled. You can change your app access settings at any time.
- In the left sidebar of your Settings page, under the Admin settings section, select Security and privacy
- Select Allow or restrict apps. You'll be redirected to a new page.
- Your account is set to restricted apps by default.
- If:
- Allowed apps is enabled, click Change to restricted apps.
- Restricted apps is enabled, click Change to allowed apps.
Add a new app restriction
When you add a restricted app, no members of your account can use that app. Members can use any app that is not in your restricted list.
- In the left sidebar of your Settings page, under the Admin settings section, select Security and privacy
- Select Allow or restrict apps. You'll be redirected to the Restricted apps page.
- Click Add app. You’ll be redirected to the Add restricted app page.
- In the Search for an app field, search for and select the app you want to restrict.
- Click Add restricted app.
- You'll see a notification if:
- The app is being used in Zaps by members of your account. You can review the app connections and any associated Zaps on your Apps page.
- The app is already restricted.
- You'll see a notification if:
You can remove an app restriction any time by selecting it from the Restricted apps page.
- In the restriction page for the app, click Remove APP restriction.
- A dialog box will appear.
- Click Remove to confirm.
(Optional) Add an exemption to a restricted app
You can create exemptions to your restricted list so everyone in your account is restricted from using the app, except for the exempted members or teams.
- In the left sidebar of your Settings page, under the Admin settings section, select Security and privacy
- Select Allow or restrict apps. You'll be redirected to the Restricted apps page.
- Select the app that you want to add an exemption to. You’ll be redirected to the restriction page for that app.
- In the Allow app for specific members or teams field, search for and select a member or team in your account to exempt.
You can remove an exemption to an app restriction at any time from the Restricted apps page.
- In the Members/teams with access section, click Remove next to the exempted member or team.
- The button will convert to "Are you sure?".
- Click Are you sure? to confirm.
If you add Quickbooks to your restricted apps list, you can add an exemption for your accounting team. This will give your accounting team access to Quickbooks, while the rest of your account will still be restricted from using the app.
You can only exempt one member or team at a time.
Add a new allowed app
When you add an allowed app, all members of your account can use the app. Members cannot use any app that is not in your allow list.
- In the left sidebar of your Settings page, under the Admin settings section, select Security and privacy
- Select Allow or restrict apps. You'll be redirected to the Allowed apps page.
- Click Add app. You’ll be redirected to the Add allowed app page.
- In the Search for an app field, search for and select the app you want to allow.
- Click Add allowed app.
- You'll see a notification if:
- The app is being used in Zaps by members of your account. You can review the app connections and any associated Zaps on your Apps page.
- The app is already allowed.
- You'll see a notification if:
- You'll be redirected to the allowance page for the app.
- By default, everyone in your account will have access to the app.
You can remove an allowed app at any time from the allowance page for the app.
- In the top right, next to the name of the app, click Delete app.
- A dialog box will appear.
- Click Yes, delete to confirm.
You cannot add private apps to your allowed list.
(Optional) Limit access to an allowed app
By default, any member of your account can use an allowed app. You can limit access to an allowed app so only specific members or teams are allowed to use the app.
- In the left sidebar of your Settings page, under the Admin settings section, select Security and privacy
- Select Allow or restrict apps. You'll be redirected to the Allowed apps page.
- Select the app that you want to add an exemption to. You’ll be redirected to the allowance page for the app.
- In the Allow app for specific members or teams field, search for and select a member or team in your account to exempt.
- Click Add.
You can remove an exemption at any time from the allowance page for the app by clicking Remove next to the member or team.
If you add Quickbooks to your allowed apps list, you can add an exemption for your accounting team. This will allow only your accounting team to have access to the app. The rest of your account will not be allowed to use the app.
You can only exempt one member or team at a time.
(Optional) Limit access to specific actions in an allowed app (beta)
This feature is in open beta. It’s available for use but still in active development and may change.
After you add an app to your allow list, you can prevent users in your account from using specific actions. Once you configure your app controls, members will not be able to create new Zaps with restricted actions. Any step in an existing Zap that contains the action will be held when the Zap runs.
- In the left sidebar of your Settings page, under the Admin settings section, select Security and privacy.
- Select the Allowed or restricted apps setting. You’ll be redirected to a new page.
- Select an app from your allowed list.
- You'll be redirected to the allowance page for that app.
- Below the Add members and teams field, you'll see a list of all members and teams that are allowed to use the app. Select a member, team, or everyone from the list.
- You'll be redirected to the actions allowance page for the app. By default, all actions are allowed.
- Select the checkbox next to each action you want to prevent users from using in their Zaps.
- At the top of the list of actions, click the down arrow icon to open the dropdown menu.
- Click Restrict. A dialog box will appear.
- Click Restrict to confirm.
Limitations
- Account admins, super admins, and owners will be affected by these limits.
- These are account-wide restrictions.
- You can restrict existing custom actions, but you cannot prevent users from creating new custom actions.
- You can only restrict actions at this time.
- Triggers are not supported. If you need to restrict triggers, you must remove the app from your allowed list entirely.
- If you restrict all actions for the "Everyone" group, that group will still have access to triggers for the allowed app.
- If your account is on a legacy Company plan with 200,000 tasks or less, you cannot use restricted actions.
- Zapier will default to allowing the broadest permissions for an app.
- This may override a specific restricted action setting you've enabled.
Juana is a member of the Sales team in her company's Zapier account. The Sales team is allowed to use the Create a lead action in Salesforce. If an admin removes Juana's permission to use the Create a lead action, she will still be allowed to use the action because it's permitted for the Sales team, which she is a member of.