HomeDocumentation and Guides

Response Actions

In addition to the Global Response Actions available to all policies, the following two are available for Apps Firewall policies:

Classify App
Changes the classification of an app automatically. For example, in the Risky Access Scopes policy, any apps with risky scopes that trigger an incident can automatically be classified as Banned.

Revoke App Authorization
Automatically removes the app's authorization so it cannot be used in the domain. Revoking an app through a policy response action is a one-time action.


Response Actions by Policy

Not all Apps Firewall policies have the ability to use all of the response actions mentioned above. Here is a break down of the response actions offered in each Apps Firewall policy:

PolicyClassify AppDelay Next Response ActionIncident Status UpdateNotify Admin by EmailNotify End User by EmailRevoke App Authorization
New Unclassified AppsXXXXXX
Trusted Access ScopesXXXXN/A
Trusted Apps by NamedefaultXdefaultXXN/A
Risky Access ScopesXXXXXX
Monitor Under Audit AppsN/Adefaulted to DismissedXXN/A
Revoke Banned AppsN/Adefaulted to Resolved XXdefault