Airtable admin panel settings
  • 12 Feb 2024
  • 11 Minutos para leer
  • Oscuro
    Ligero
  • PDF

Airtable admin panel settings

  • Oscuro
    Ligero
  • PDF

The content is currently unavailable in Spanish. You are viewing the default English version.
Article Summary

The admin panel is a centralized set of tools to help admins manage their organization’s enterprise account. It's a designated surface that includes ways for admins to view and manage users, groups, reports, bases, and more. It is not visible or available to non-admins. 

NOTE 
Before accessing or attempting to take action(s) in your admin panel, please review your organization's plan and your associated permissions listed below.

Introduction

Plan availabilityBusiness and Enterprise Scale only
Permissions Enterprise Scale plans can access the following admin panel pages and settings: 
  • Reports 
  • Settings:
    • Sharing and data:
      • Restricting/unrestricting file attachments
    • Integrations and development:
      • Toggle ON/OFF block integrations in automations and external source sync
      • Toggle ON/OFF block AI integrations
      • Toggle ON/OFF the ability to block sync via emailed data and API
      • Toggle ON/OFF the ability to block Google Drive shortcut integration
      • Toggle ON/OFF the ability to block API access to organization-owned bases, workspaces, and interfaces
      • Toggle ON/OFF the ability to block API access for third-party integrations
      • Toggle ON/OFF the ability to prevent development of custom code
      • Allow/deny third-party extensions
Business plans can access the following admin panel pages:
  • Users
  • Groups
  • Workspaces
  • Bases
  • Interfaces
  • Verified data 
Platform(s)Web/Browser, Mac app, and Windows app 
Related reading
Airtable terminology

Admin panel - A centralized set of tools to help admins manage their organization’s Enterprise account. It's a designated surface that includes ways for admins to view and manage users, groups, reports, bases, and more. It is not visible or available to non-admins.

Admin panel settings overview 

The admin panel settings page control and management options
  • Security & compliance 
  • Sharing & data 
  • Integrations & development
  • Org customization
Accessing the admin panel settings
  1. Visit your admin panel
  2. Click Settings. 

Security and compliance 

NOTE
Learn more about configuring your organization’s SSO settings in the Configuring SSO in the admin panel support article.
Security & compliance overview

As an admin, you can choose to make SSO either optional or required for each of your federated domains. If you make SSO optional, users can use SSO or log in with their regular username and password. If you make SSO required, all users within the organization’s verified domains will have to use SSO to log in to Airtable. Requiring SSO allows you to better manage access to Airtable and ensures that your users use the most suitable authentication method.

NOTE 
The Read-only Share links feature is currently in closed beta and we are not accepting additional users into the program at this time. Thank you for your interest. Stay tuned for new updates to our license management functionality.


The "Security & compliance" section of the admin panel is made up the following sections:

  • Email domains and SSO configuration - This tool allows admins to verify domains, giving complete control over their associated user accounts.
  • Fixed Web Session length - Set how long users can stay signed into airtable.com
  • Enable Change Events (available on Enterprise Scale) - Turn on/off change events logging and API access. This feature requires enablement; please contact your account manager for access. 

Sharing and data 

Sharing & data overview

The "Sharing & data" section of admin panel is made up the following sections:

  • Sharing 
    • Restrict invites to your organization’s domains - Toggle ON/OFF user's ability to invite other users outside of your organization's domains.
    • Prevent organization-wide app interface sharing - Toggle ON/OFF user's ability to make interfaces accessible to the entire organization.
    • Share links - Control which users can access your organization’s shared base links or shared view links.
    • Restrict user group creation to admins - Toggle ON/OFF non-admin user's ability to create user groups.
  • Access
    • Synced view restrictions - Control which bases can receive synced data from Airtable bases.
    • File attachments - Control which attachment file types can be uploaded to Airtable bases in your organization.
Restrict access to specific IP ranges
Note 
Keep in mind that this setting isn't available for all organizations, so contact your CSM for details.

This setting lets admins set IP range restrictions to prevent users from accessing Airtable unless they are logged into Airtable from an allowed device and/or network. Currently, only IPv4 protocol is supported.

Restrict invites to your organization’s domains

admin_panel_settings_invite_restrictions_early_2022

If you turn this setting on, an "Email domain allowlist" will appear. To allow a new external domain, click the collapsed down arrow so that it appears up and enter the domain (ex. airtable.com). To remove a previously allowed domain from the list, simply click the "X" icon next to that domain.

admin_panel_settings_sharing_allowlist

NOTE
If you are having difficulty adding an external user to a base or workspace, have that user confirm that they have verified their email address with Airtable.
Prevent organization-wide app interface sharing

This setting allows admins to restrict users from making interfaces accessible to their entire organization.

Share links

This setting allows admins to restrict who can access share links across your organization. Individual share link restrictions can also be set within the base UI. There are three options to choose from, each with separate options specific to them:

  • Public
  • Flexible
  • Private

    admin_panel_settings_share_link_restrictions_early_2022

Public

Share links are publicly accessible by default, but can individually be made private.

Private

Users outside of your organization’s domain can’t access shared links. There are also some additional configuration options:

  • Email domain allowlist: If needed, add email domains that are exempt from this setting. Users with those email domains will be able to access share links.
  • Additional settings: 
    • Allow unrestricted access to password-protected shares: Allow anyone to access share links that are password-protected.
    • Allow access to shared forms: Allow anyone to access shared forms.
NOTE
If any share link has email domain restrictions, is password-protected, or an admin has made share links private, then iCal integration links will not be able to sync because the iCal link is no longer able to authenticate.

admin_panel_settings_share_links_restricted

Flexible

By default, share links are restricted to your organization's email domain. However, restrictions can be removed on individual share links. There are also some additional configuration options:

  • Email domain allowlist: If needed, add email domains that are exempt from this setting. Users with those email domains will be able to access share links.
  • Keep existing share links public: If you change this setting from Public to Flexible, you can optionally allow existing share links to remain public.

admin_panel_settings_share_links_restricted_optional

Restrict user group creation to admins only

The next option under the Sharing category focuses on user groups. Toggling this option on means that only admins can create user groups so that users without admin privileges will be unable to create or modify user groups.

admin_panel_settings_user_groups_early_2022

Restrict file attachments

There are 3 options that admins can choose from:

  • Unrestricted: No restrictions. All file types are allowed to be uploaded.
  • Restricted: Files, regardless of their type, cannot be uploaded to any attachment fields in bases that are part of the organization's workspace(s).
  • Custom allow: Specific file types can be set as allowed for upload in attachment fields. Admins can choose to allow one or more of the following options:
    1. Image/*audio/* video/*PDFOther: Create a custom, comma-separated, list of allowed file types that your organization can upload to Airtable attachment fields. You can find more information about common MIME types here.

Synced view restrictions

This setting gives admins control over synced shared views with other bases. Admins can choose between:

  • Unrestricted: Any base, within or outside your organization, can receive synced data from syncable share view links within your organization.
  • Restricted: Users are only to set up syncs between existing bases within your organization. Bases outside your organization aren't able to receive syncs.
    • The share view configuration defaults to restricting syncs within your organization but can be disabled on a share-view-by-share-view basis. Admins can also decide who can disable restrictions for views and can choose from no one, creators, and admins or admins only.
    • With this setting enabled—and because individual share views are controlled separately—existing syncs outside your organization will continue to function.
  • Off: This option is the most restrictive and prevents all shared views from syncing to any destination base.

This list includes all synced tables that can sync data from your organization, regardless of whether a sync is active. Admins can also select "Review share links" to view, sort, filter, and download share links enabling sync outside their organization. The three columns are calculated as follows

  • Total syncs: The total number of synced tables created from this shared view (internal and external).
  • Syncs to Airtable: The total number of synced tables created based on the shared view inside the Airtable corporate account—data that is likely being shared with Airtable. These tables are sometimes created during onboarding and service engagements or used to share information related to joint account planning between the customer and Airtable.
  • Other outside syncs: The total number of synced tables created—based on this shared view—that aren't part of your organization or part of the Airtable corporate account. Admins may want to keep some of the included data within their organization. If so, shared view links should be turned off but keep in mind that some desirable external syncs can be counted in this number, including:
    • Syncs with external consultants or vendors.
    • Syncs with other organizations under the same corporate entity (e.g., Division A and B, both of which are in Omnicorp Inc.)

The "Restricted" option prevents bases outside your organization from being sync targets by default.

NOTE 
Please keep in mind that when syncs are not restricted, users will be able to sync data into bases that are not part of the organization.

Integrations and development  

Integrations & development overview

The "Integrations & development" section of admin panel is made up the following sections:

  • Integrations 
    • Block integrations in automations and external source sync - Turn on/off the usage of automations and external source syncs that communicate with third-party services unless they're on the allowlist.
    • Block AI integrations - Turn on/off the usage of AI models (like OpenAI) in all or selected organization-owned workspaces.
    • Block sync via emailed data and API - Turn on/off users from syncing data into Airtable through email attachments and API requests. API access also needs to be granted for API endpoint sync.
    • Show previews of Airtable links in Slack - Turn on/off previews of organization-owned base and workspace links to authenticated users in Slack.
    • Block Google Drive shortcut integration -  Turn on/off users from automatically creating shortcuts to Airtable bases in Google Drive.
  • Development 
    • Block API access to organization-owned bases, workspaces, and interfaces - Turn on/off the ability for users who have not been added to the allowlist from accessing organization-owned workspaces, bases, and interfaces via personal access tokens and API keys.
    • Block API access for third-party integrations - Turn on/off guests and external users from granting third-party services that aren't on the allowlist API access to organization-owned bases, workspaces, and interfaces. Additionally, prevent org members from authorizing third-party integrations that aren't on the allowlist.
    • Prevent development of custom code - Turn on/off users from developing custom extensions, writing scripts, and installing scripts from the marketplace unless the user is on the developer allowlist.
  • Extensions 
    • Third-party extensions - Control which extensions created by third parties can be used in your organization. All third-party extensions are reviewed for security and functionality by Airtable
Block integrations in automations and external source sync

This setting allows organizations to prevent usage of automations or external source syncs that may communicate with external services (outside of Airtable).

An allowlist will appear if you turn the setting on. You can then allow or deny each integration based upon your organization’s security practices.

At the bottom of the allowlist, you can disable or enable all integrations.

Lastly, integrations that require additional configuration will appear below the allowlist. Currently, only the Jira Server / Data Center integration requires this additional configuration.

Prevent development of custom code

When this setting is turned on, users will not be able to interact with Airtable features that enable the deployment of custom code into your organization unless they are explicitly allowed. This includes the scripting extension, script templates, the Run a script action within automations, as well as custom extensions. To enable this functionality for your entire organization, keep this setting turned off.

If this setting is on, you can optionally add specific developers to an allowlist so that they can use these custom code features. To add a developer to the allowlist, enter their email address into the space provided, and click “Allow.”. Developers previously added to the allowlist can be removed by clicking "X" next to their email address.

Extensions

Third-party extensions are built and submitted to the Marketplace by third parties and reviewed for security and functionality by Airtable. They do not include the partner extensions that Airtable has closely vetted. Within both categories, there are three options that allow admins to control which extensions can be used:

  • Allow all: Allows users to access and use all third-party extensions.
  • Deny those that access non-Airtable servers: Disallows third-party extensions that send data to non-Airtable web servers.
  • Deny all: Disallows all extensions.
NOTE
As of March 26, 2021 this setting will default to the “Deny those that access non‑Airtable servers” option. Admins can select one of the other options to opt-out of that default.

When an extension is disallowed in your organization, users will still be able to see all extensions in the Marketplace and click “Install,” but they will be met with an error message instructing them to contact their admin when they attempt to run the extension.

Block API access for all third-party integrations, unless explicitly allowed

This setting allows you to manage access to third-party integrations across your entire organization.

  • If this setting is "Off," org members can use third-party integrations.
  • If this setting is "On," org members cannot use third-party integrations unless they’re on the allowlist.
NOTE
In addition to this admin panel setting, you can also manage the third-party integrations already authorized by your users and service accounts:
Org customization

The "Org customization" tab allows admins to manage their organization’s logo and add a custom contact admin message.

  • To manage your company logo, click "Edit."
  • To set a custom contact admin message, click "Edit." This message will appear when users in your organization want to contact their admin via email. You can also specify which admins should receive emails or if the outreach should go to a separate address or service desk. 

¿Te ha sido útil este artículo?