--- title: Mobile and Third-Party Access description: >- Manage and monitor OAuth applications in your organization, including permissions, Application Scope Management, user access, and application status controls. breadcrumbs: Docs > Account Management > Mobile and Third-Party Access --- # Mobile and Third-Party Access ## Overview{% #overview %} Use the Mobile and Third-Party Access page under [Organization Settings](https://app.datadoghq.com/organization-settings/) to manage and gain visibility into your organization's OAuth applications, such as the scopes and permissions granted to an application and the users that have authorized access for it. {% image source="https://docs.dd-static.net/images/account_management/mobile_third_party_access/org-management-page.d97e0a6fb48c8444a8358c2e98d04f00.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/account_management/mobile_third_party_access/org-management-page.d97e0a6fb48c8444a8358c2e98d04f00.png?auto=format&fit=max&w=850&dpr=2 2x" alt="Mobile and Third-Party Access management page in Datadog" /%} ## Setup{% #setup %} ### Permissions{% #permissions %} By default, users with the [Datadog Admin role](https://docs.datadoghq.com/account_management/rbac/permissions.md#general-permissions) can access the Mobile and Third-Party Access page. If your organization has [custom roles](https://docs.datadoghq.com/account_management/rbac.md?tab=datadogapplication#custom-role) defined, add your user to any custom role with the `org_authorized_apps_read` and `org_authorized_apps_write` permissions. Only users with the Datadog Admin role or the `org_authorized_apps_read` and `org_authorized_apps_write` permissions can manage OAuth applications on this page, such as disabling applications or revoking OAuth access for a user. ### Enable{% #enable %} Enabled OAuth applications allow users with necessary permissions to authorize access on their behalf. OAuth applications include the Datadog Mobile App. ### Disable{% #disable %} Disabling OAuth access for an application revokes access to this application for all users in your organization. While the application remains installed, users are no longer able to use the application and are prompted with an error if they attempt to authorize it. To disable an application from the Mobile and Third-Party Access page: 1. Hover over your application in the apps table to reveal the Disable button on the right side of the row. {% image source="https://docs.dd-static.net/images/account_management/mobile_third_party_access/disable-app-table.7604c06f10e374134a61e6cbedc68bea.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/account_management/mobile_third_party_access/disable-app-table.7604c06f10e374134a61e6cbedc68bea.png?auto=format&fit=max&w=850&dpr=2 2x" alt="Apps table showing the Disable button on hover" /%} 1. Click on your application to open the detailed view of the application and click the Disable Application button. {% image source="https://docs.dd-static.net/images/account_management/mobile_third_party_access/app-detail-scopes.5b2fa64ab35efc6a4b768a49cd98e70a.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/account_management/mobile_third_party_access/app-detail-scopes.5b2fa64ab35efc6a4b768a49cd98e70a.png?auto=format&fit=max&w=850&dpr=2 2x" alt="Application detail view showing scopes and Disable Application button" /%} **Note**: When re-enabled, users that previously authorized the application are required to re-authorize the application to regain access. ### Revoke access{% #revoke-access %} Revoking a user's OAuth access to an application removes all access to that application. If the user has the required permissions to authorize the application, they can regain access by re-authorizing it. {% image source="https://docs.dd-static.net/images/account_management/mobile_third_party_access/revoke-user.5677aa46de3fd57f61c21a2cd8cf7776.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/account_management/mobile_third_party_access/revoke-user.5677aa46de3fd57f61c21a2cd8cf7776.png?auto=format&fit=max&w=850&dpr=2 2x" alt="Application detail view showing the Users tab with the option to revoke a user's access" /%} ### Application Scope Management{% #application-scope-management %} Enable Application Scope Management to modify the allowed scopes for an application. Adding or removing a scope affects access to this application for all users in your organization. Disabling a scope revokes any existing authorizations for applications that have the scope granted. Only MCP applications support Application Scope Management. 1. On the Mobile and Third-Party Access page, click an application to open its detail view. 1. Select the Scopes tab and use the Allowed checkbox for each scope to control whether to grant the application that scope. 1. Click Enable to save the scope configuration. {% image source="https://docs.dd-static.net/images/account_management/mobile_third_party_access/scope-restrictions-enable.f09e5204124441c5ae255362d007218f.png?auto=format&fit=max&w=850 1x, https://docs.dd-static.net/images/account_management/mobile_third_party_access/scope-restrictions-enable.f09e5204124441c5ae255362d007218f.png?auto=format&fit=max&w=850&dpr=2 2x" alt="Application Scope Management view with Enable and Restore to Full Access buttons" /%} ## Further Reading{% #further-reading %} - [Learn more about organization settings](https://docs.datadoghq.com/account_management/org_settings.md) - [Datadog Role Permissions](https://docs.datadoghq.com/account_management/rbac/permissions.md)