Home > Manage App Profiles > Overview
Export to PDF#Manage App Profiles
AvePoint cloud services can connect to your environments in the Microsoft/Google/Salesforce/Amazon platform via app profiles for the related apps/roles in your environments.
To help you decide whether to use AvePoint's default apps or your tenant’s custom apps, the API Permissions Required by AvePoint Apps and API Permissions Required by Custom Apps sections are for your reference. Note the following:
- For AvePoint’s default apps, it is recommended that you configure an independent app for each of the services that you are using. For the apps that can be used by each service, refer to [Apps for Individual Services](#missing-link). If you are using multiple services in the AvePoint Online Services platform, you can also choose the method to configure an app for multiple services with all the required API permissions. For the apps that can be used for multiple services, refer to [Apps for Multiple Services](#missing-link).
Note the following:
- For all the default apps that can be used by AvePoint services, their API permissions, and the updates in the current release, refer to the page.
- On the **App management**, **Consent to apps**, and **App profile details** pages, the related AvePoint default apps are marked with the icons as below:
- Apps that utilize both application and delegated API permissions are marked with the hybrid () icon.
- Apps that have delegated API permissions only are marked with the purebred () icon.
- If your organization has extremely limited required permissions and decides to use custom apps, refer to the [Create Custom Apps](#missing-link) section for additional details.
> ***Note**: For Google tenants, using a default service app may encounter throttling issues caused by Google quota limits. If performance is a concern, consider configuring a custom Google app for your organization.
- AvePoint Online Services will securely store the consent token of users for applications in Microsoft Entra ID that utilize delegated API permissions.
> ***Note**: For the non-interactive user sign-in in Microsoft Entra, the IP address is always pointing to the original client IP when the application is using the delegated token. For more information, refer to this .
- If multi-factor authentication (MFA) is enabled on a Microsoft 365 account, this account can still be used to consent to app profiles. For apps with delegated permissions, the related app profiles need to be re-authorized if MFA is enabled on the consenting users’ Microsoft 365 accounts after they have given consent to the app profiles. For additional details, refer to the [Microsoft Tenant](#missing-link) section.
- Salesforce has published an to restrict the use of uninstalled connected apps from early September 2025. This will not affect your organization if there are no apps to be created/reauthorized. However, for organizations who need to create a new app or reauthorize an app, you must either install the app in your Salesforce environment, or ensure that the user consenting to the app has the following required permissions:
- If API Access Control is enabled, only the “Use Any API Client permission” gives access to use uninstalled apps.
- If API Access Control isn’t enabled, trusted users can use uninstalled apps if they have the “Approve Uninstalled Connected Apps” permission.
The Tenant Owner and Service Administrators can navigate to Management > App management to manage app profiles via the following actions:
- To create an app profile, click **Create**. On the **Create app profile** page, select a tenant, select services, select a setup method (modern mode, classic mode, or custom mode), and then consent to apps. After an app profile is created, the related app will be created in the environment. For details on creating an app profile, refer to [Create an App Profile](#missing-link).
> ***Note**: Before you create an app profile, you must ensure that the tenant has been connected to AvePoint Online Services. For more details on connecting tenants, refer to [Connect Your Tenants to AvePoint Online Services](#missing-link).
- To edit the name and description of an app profile or change the services for which an app profile can be used, select the app profile and click **Edit**. On the **Edit app profile** page, edit the name or description, select services which will be supported by the app profile, and click **Save**.
- **Re-authorize** app profiles for Microsoft/Salesforce/Amazon tenants. For detailed scenarios and instructions on reauthorizing app profiles, refer to [Re-authorize an App Profile](#missing-link).
> ***Note**: For Google tenants, the related app profiles are not supported to be re-authorized in AvePoint Online Services. If you want to add new permissions to a Google app, to re-authorize the app, you must navigate to Google Admin console > **Apps** > **Google Workspace Marketplace apps** > **App list**, click the app, and click **Grant access** to add the required permissions to the app.
- To view details of an app profile, click the link in the **Profile name** column. The **App profile** **detail** page appears on the right of the page. When you view the details of an app profile, you can edit or re-authorize the app profile.
- Before you delete an app profile, ensure it is no longer needed. To delete one or multiple app profiles, select the app profiles, click **Delete**, and click **Confirm** in the confirmation window.
- To manage columns in the table on the **App management** page, click **Column** on the upper-right corner of the page, select desired options, and click **Apply**.
- To find app profiles of specific tenants, services, or statuses, click **Filter** on the upper-right corner, select desired options in the **Tenant**, **Service**, and **Status** sections, and then click **Apply**.
On this page