Mobile and Third-Party Access

Overview

Use the Mobile and Third-Party Access page under Organization Settings to manage and gain visibility into your organization’s OAuth applications, such as the scopes and permissions granted to an application and the users that have authorized access for it.

Mobile and Third-Party Access management page in Datadog

Setup

Permissions

By default, users with the Datadog Admin role can access the Mobile and Third-Party Access page. If your organization has custom roles defined, add your user to any custom role with the org_authorized_apps_read and org_authorized_apps_write permissions.

Only users with the Datadog Admin role or the org_authorized_apps_read and org_authorized_apps_write permissions can manage OAuth applications on this page, such as disabling applications or revoking OAuth access for a user.

Enable

Enabled OAuth applications allow users with necessary permissions to authorize access on their behalf. OAuth applications include the Datadog Mobile App.

Disable

Disabling OAuth access for an application revokes access to this application for all users in your organization. While the application remains installed, users are no longer able to use the application and are prompted with an error if they attempt to authorize it.

To disable an application from the Mobile and Third-Party Access page:

  1. Hover over your application in the apps table to reveal the Disable button on the right side of the row.

    Apps table showing the Disable button on hover

  2. Click on your application to open the detailed view of the application and click the Disable Application button.

    Application detail view showing scopes and Disable Application button

Note: When re-enabled, users that previously authorized the application are required to re-authorize the application to regain access.

Revoke access

Revoking a user’s OAuth access to an application removes all access to that application. If the user has the required permissions to authorize the application, they can regain access by re-authorizing it.

Application detail view showing the Users tab with the option to revoke a user's access

Application Scope Management

Enable Application Scope Management to modify the allowed scopes for an application. Adding or removing a scope affects access to this application for all users in your organization. Disabling a scope revokes any existing authorizations for applications that have the scope granted.

Only MCP applications support Application Scope Management.

  1. On the Mobile and Third-Party Access page, click an application to open its detail view.

  2. Select the Scopes tab and use the Allowed checkbox for each scope to control whether to grant the application that scope.

  3. Click Enable to save the scope configuration.

Application Scope Management view with Enable and Restore to Full Access buttons

Further Reading

Additional helpful documentation, links, and articles:

Learn more about organization settingsDOCUMENTATION more more Datadog Role PermissionsDOCUMENTATION more more