Response Actions

In addition to the Global Response Actions available to all policies, the following two are available for Apps Firewall policies:

Classify App
Changes the classification of an app automatically. For example, in the Risky Access Scopes policy, any apps with risky scopes that trigger an incident can automatically be classified as Banned.

Revoke App Authorization
Automatically removes the app's authorization so it cannot be used in the domain. Revoking an app through a policy response action is a one-time action.

Response Actions by Policy

Not all Apps Firewall policies have the ability to use all of the response actions mentioned above. Here is a break down of the response actions offered in each Apps Firewall policy:

Policy
Classify App
Delay Next Response Action
Incident Status Update
Notify Admin by Email
Notify End User by Email
Revoke App Authorization

New Unclassified Apps

X

X

X

X

X

X

Trusted Access Scopes

X

X

X

X

N/A

Trusted Apps by Name

default

X

default

X

X

N/A

Risky Access Scopes

X

X

X

X

X

X

Monitor Under Audit Apps

N/A

defaulted to Dismissed

X

X

N/A

Revoke Banned Apps

N/A

defaulted to Resolved

X

X

default

Updated 2 years ago

Response Actions


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.