Signing in with an unauthorised account

In secure apps, the app creator has the ability to set a white list of authorized accounts. Normally, a user can’t access the app unless the rely on one of these accounts.

I recently received an alert from Appsheet informing me that i need to purchase additional license(s). After looking at the app usage historic, i noticed that one of the users signed in using a gmail account that wasn’t white-listed.

My question is, how is this possible? How can Appsheet manage to count 7 Gmail accounts while only 6 are white-listed?

Have you checked if that email address is also shown in Audit history?

1 Like


The “Allow all signed-in users” in the security section is probably on.

Having this option On by-pass any white listed user.

1 Like

Hi Jeremie, the “Allow all signed-in users” option is far from being on.

The unauthorized gmail address appears in the unique app user emails list (Usage statistics) but not in the audit history. This seems to indicate that the attempt(s) to sign-in with the unauthorized address wasn’t successful (good news).

So why is this address counted as a unique app user email ?

Your subscription is calculated from the Audit history. The accuracy of usage history is not 100%.

I therefore wonder why i keep receiving an alert email from Appsheet? From what I see, i am tempted to say that the subscription calculations are based on the “unique app users email list” which is not 100% accurate as you mentioned.

Would you please send an email about this to