Skip to main content

Get Support
Have a question? Let's get you an answer!

How Do I...? Troubleshooting Code & Webhooks Developer Zone

Other Help Resources
Wait, there's more! Check out these Community sourced spaces for additional resources.

Zapier Help Center Hire an Expert

Learning Resources
All of our best learning resources can be found here.

Featured Articles Show & Tell Zapier's products AI Hub Zapier Tools Hub

Share your knowledge
Give back to the Community by sharing your automation wins and helping to answer questions.

Share your success See unanswered questions User Groups

Other Learning Resources
Some of our favorite additional ways to upskill your Zapier knowledge.

Zapier Learn Zapier Blog Zapier Webinars

Product Updates
Check out what is new and upcoming with Zapier with our regular product updates.

Product Updates

Early Access Program
Want to join Early Access? Learn more here.

Question

Allow only enterprise email domains in zaps

  • November 11, 2024
  • 3 replies
  • 25 views
C

Hi everyone! 

I have a security concern about data exfiltration through unauthorized recipient domains and app connections, since a user who creates a zap can, for example, sent an e-mail to anywhere with sensitive data or connect to unkown Google Drive account and upload it there.
There’s a way to restrict the recipient domain to a list of authorized domains, allowing only authorized users to achieve it?
In the same way i’d like to know if we can allow only authorized users (like the team leaders) to create app connections, and then, share to his team.

Thanks! 

    This post has been closed for comments. Please create a new post if you need help or have a question about this topic.

    3 replies

    Troy Tessalone
    Zapier Orchestrator & Solution Partner
    Forum|alt.badge.img+14
    • Troy TessaloneZapier Orchestrator & Solution Partner
    • Zapier Orchestrator & Solution Partner
    • November 11, 2024

    Hi @chlima88 

    Info about data privacy and security for Zapier: https://help.zapier.com/hc/en-us/sections/14037178066317-Data-privacy-security

    Higher level Zapier plans have more feature controls for apps and permissions: https://zapier.com/pricing

    ⚡ Troy Tessalone - AutomationAce.com | Platinum Zapier Solution Partner | #1 Zapier Community Contributor
    C
    • chlima88
    • Author
    • New
    • November 11, 2024

    Thanks for your reply Troy, but I couldn't find a thread that answered my question.

    I've read about app restriction to allow/disallow some apps and domain insights that can help us with account management. Both of these threads partially solve the problem, but with app restriction we only have control over which apps the user can use, not how they use them.

    As per the original post, I would like to allow apps to connect to, for example, Google Services only with corporate accounts and also allow them to send emails only to known domains or restrict some domains.

    Troy Tessalone
    Zapier Orchestrator & Solution Partner
    Forum|alt.badge.img+14
    • Troy TessaloneZapier Orchestrator & Solution Partner
    • Zapier Orchestrator & Solution Partner
    • November 11, 2024

    @chlima88 

    I’m not aware of that level of control for apps.

    You can try opening a ticket with Zapier Support for more guidance: https://zapier.com/app/get-help

    ⚡ Troy Tessalone - AutomationAce.com | Platinum Zapier Solution Partner | #1 Zapier Community Contributor
    Terms & ConditionsAccessibility statement