Google Workspace Updates

Allow users to install and run any internal app from Marketplace

Wednesday, October 4, 2023

What’s changingWe’re introducing a new admin setting to control whether users can install and run any internal app from the Google Workspace Marketplace along with their allowlisted third-party apps. This added admin feature gives more controls to customize users’ access to trusted internal apps based on their company policies, security requirements and user needs.
Currently, admins can leverage Marketplace apps access settings to choose to allow users to access all internal and third-party apps or specific allowlisted internal and third party apps published in the Marketplace. Many organizations build internal apps and add-ons specifically for for their organization, and this added admin control saves admins time by allowing them to distribute all internally-built apps with a single click, rather than managing and allowlisting each one.

Who’s impacted Admins, end users and developers

Why it matters This requested feature enables admins to have added control over app access settings.

Additional details With this new setting, admins can allow any internal app, but still limit the installation of third-party apps. Internal apps are apps that are privately-published in your organization.

Getting started

Admins:

This setting will be OFF by default and can be enabled by going to the Admin console > Menu > Apps > Google Workspace Marketplace apps > Settings. Visit the Help Center to learn more about managing Marketplace apps on your allowlist.
For organizations using API controls to restrict app access to the user data, consider checking the Trust internal apps setting to allow API access for all internal apps.

End users: If enabled by their admin, you can install any internal app from the Marketplace by going to workspace.google.com/marketplace/mydomainapps.

Rollout pace

Rapid Release and Scheduled Release domains: Extended rollout (potentially longer than 15 days for feature visibility) starting on October 4, 2023

Availability

Available to all Google Workspace customers

Resources

Google Workspace Admin Help: Control user access to Marketplace apps

Build content quickly in Google Docs with instant access to building blocks and more

Tuesday, October 3, 2023

What’s changing We’re introducing new buttons at the top of your Google Doc that enable you to quickly insert building blocks for different types of content, such as meeting notes, email drafts and more, directly into your document.
Simply click your preferred button or choose '@ More’ to see options like drafts for a Calendar event or a code block.

New buttons allow you to insert building blocks and more when creating a new document.

Who’s impacted

End users

Why you’d use it This feature boosts productivity and saves time by helping you quickly access Docs smart canvas features like email drafts, meeting notes, and search for more.

Additional details The row of buttons will only appear at the top of newly created or empty Google Docs, meaning you will not see these options in documents with existing content.

Selecting the “@ More” option will display a menu allowing you to search for Docs features and leverage the power of smart canvas.

Getting started

Admins: There is no admin control for this feature.
End users: This feature will be ON by default.

Rollout pace

Rapid Release domains: Gradual rollout (up to 15 days for feature visibility) starting on October 3, 2023
Scheduled Release domains: Gradual rollout (up to 15 days for feature visibility) starting on October 18, 2023

Availability

Available to all Google Workspace customers and users with personal Google Accounts

Resources

Presented content will be captured in higher definition in Google Meet recordings

Tuesday, October 3, 2023

What’s changing For recorded meetings in Google Meet, we’re increasing the maximum resolution for shared content from 720p to 1080p. This will help ensure crisper text and visuals for presented content, creating a better viewing experience. Note that the rest of the meeting capture will remain at a maximum of 720p.

Getting started

Admins: Screen shared content in meeting recordings will be in 1080p by default. Visit the Help Center to learn more about turning meeting recordings on or off for your organization.
End users: If enabled by your admin, use this Help Center article to learn more about meeting recordings and who can record meetings.

Rollout pace

Rapid and Scheduled Release domains: Gradual rollout (up to 15 days for feature visibility) starting on October 3, 2023

Availability

Available to Google Workspace Business Plus, Business Standard, Education Plus, Enterprise Essentials, Enterprise Plus, Enterprise Standard, Enterprise Starter, and the Teaching and Learning Upgrade customers

Resources

Improved search results in Google Chat

Tuesday, October 3, 2023

This announcement is part of Google Cloud Next ‘23. Visit the Workspace Blog to learn more about the new Google Chat.

What’s changingLast year,
Now, when searching in Chat, machine learning models will use the search term(s), most recent Chat conversations in direct messages and spaces, and other factors to help you find more accurate and relevant Chat message results.

Who’s impacted End users

Additional details By default, search results will be sorted by relevance, but you have the option to change the result sorting to recency by clicking on the sort dropdown.
If you unselect “Only conversations I’m in” at the top of the results page, you’ll see matching results from spaces that you’re not a part of, but have the option to join. For those spaces, you can preview and join them from the search results page itself.

Getting started

Admins: There is no admin control for this feature.
End users: Visit the Help Center to learn more about searching for Google Chat messages.

Rollout pace

This feature is available now on web, Android and iOS.

Availability

Available to all Google Workspace customers

Resources

Navigate to Chrome Browser management faster in the Admin console

Tuesday, October 3, 2023

What’s changingIn the Admin console, we’ve added a dedicated category for Chrome Browser admin capabilities in the left-hand navigation menu. Previously, you would have to go to Devices > Chrome > Managed browsers as a Chrome Browser admin — this makes navigating to these specific pages faster. From here, you’ll be able to take actions such as configuring and enforcing Chrome policies, view reports on Chrome browsers in your organization, and more. For even more convenient access, you can pin this link to the top of your navigation bar.

Getting startedAdmins:

This update will be automatically available.

Customers can sign-up for ChromeOS and Chrome Browser Management and use Admin Console to manage their devices/browsers.

Rollout pace

Rapid Release and Scheduled Release domains: Full rollout (1–3 days for feature visibility) starting on October 3, 2023

Availability

Available to all Chrome Browser Cloud Management and Google Workspace customers

Resources

Google Workspace Admin Help: Navigate the Admin console

New Google Calendar appointment scheduling features

Tuesday, October 3, 2023

What’s changingAppointment scheduling allows you to manage your availability and let customers and partners book time with you directly within Google Calendar via a personal booking page. To improve upon the current experience, we’re adding:

Five to fourteen minute appointment slots that are customizable. Previously, the minimum duration was fifteen minutes.
The option to hide or show Appointment schedules within the Calendar view on web.

The option to hide or show Appointment schedules within the Calendar view on web.

We hope these highly requested features help you to set more relevant meeting durations and tailor your Calendar view to match your preferences.

Getting started

Admins: There is no admin control for this feature.
End users:

To set up your appointment schedule, open Calendar > at the top left, click Create > select Appointment schedule > Set up the schedule.
To customize appointment slot durations, create or edit an Appointment Schedule. Under Appointment duration, select the dropdown > click Custom > Enter a duration. Visit the Help Center to learn more about setting your appointment duration.
Appointment schedules will show by default. To hide Appointment schedules, go to the View Switcher and deselect Show appointment schedules. Visit the Help center to learn more about creating an appointment schedule.

Note: if Appointment schedules are hidden and you create a schedule or add time to an existing schedule, appointment schedules will reappear in your Calendar view.

Rollout pace

Availability

Available to Google Workspace Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Standard, Education Plus, the Teaching and Learning Upgrade, Nonprofits, Workspace individual subscribers, and users with personal Google Accounts

Resources

Google Help: Create an appointment schedule

Configure Android zero-touch devices directly from the Admin console

Monday, October 2, 2023

What’s changing We’re integrating the Android Zero-Touch iFrame with the Admin console for a better, more seamless experience for admins. Zero-Touch devices are devices which have been purchased from Zero-Touch resellers and used in company owned mode.
Directly from the admin console, admins will be able to:

Set Google Workspace provided configurations for zero-touch devices.
Link Workspace accounts with zero-touch accounts, ensuring devices will always enroll under Google endpoint management. They’ll also have the ability to unlink accounts if needed. Note that one Workspace account can be linked to multiple zero-touch accounts, but a zero-touch account can be linked to only one Workspace account.

In the Admin console, navigate to Devices > Mobile & endpoints > Settings > Enrollment > Android Zero touch

Who’s impacted

Admins

Why you’d use it

This update makes it easier for admins to specify a Zero touch configuration for their company owned devices directly from the Admin console. For enterprise mobility management partners (EMMs) this also minimizes the number of Google APIs and portals they need to interact with as well. Zero-touch devices will always enroll an account according to the GEM provided configuration — users cannot bypass this, even if they factory reset the device.

We strongly recommend that you continue to use the Zero-Touch customer portal if you need to:

View a list of your zero-touch company owned devices
Create more than one custom configuration
Set or remove configurations from a device

Getting started

Admins:

Visit the Help Center to learn more about setting up automatic zero-touch enrollment for Android.
Note that zero-touch devices will use CloudDPC as the managing agent – for more information, see this Android Management API documentation.

Rollout pace

Rapid Release and Scheduled Release domains: Available now.

Availability

Available to Google Workspace Business Plus, Enterprise Essentials, Enterprise Essentials Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Standard, Teaching and Learning Upgrade, Education Plus, Frontline Starter and Frontline Standard customers.
Available to Cloud Identity Premium customers.

Resources

Google Workspace Admin Help: Create automatic zero-touch configurations for Android devices

Configure and bind multiple Android Enterprise Mobility Management providers

Monday, October 2, 2023

What’s changing You can now bind multiple Android enterprise mobility management providers (EMM) to your Google Workspace account. Previously, you could only bind a single EMM within your organization. This update gives you more control over how devices in your organization are managed. Specifically, it offers:

More flexibility: You can choose the right EMM for each user group in your organization. For example, you can use one EMM for engineers and another for retail staff.

Enhanced control: You can now have multiple instances of the same EMM provider, for example a cloud instance and an on-premise instance, to manage different sets of users.

Easier migrations: You can now run multiple EMMs in parallel, allowing them to perform phased migrations from an old EMM to the new EMM over time.

Additional details

Private apps

We strongly recommend that admins familiarize themselves with how binding multiple EMMs will impact availability of private apps. You can find more information in our Help Center regarding creating web apps and distributing private apps.

Google Play store

If you’re binding multiple EMMs to a Google Workspace or Google Cloud identity account, you must use your EMM iframe and not play.google.com/work to access the managed Google Play store.

Getting started

Rollout pace

This feature is available now for all users.

Availability

Available to all Google Workspace customers.

Resources

Google Workspace Updates Weekly Recap - September 29, 2023

Friday, September 29, 2023

3 New updates Unless otherwise indicated, the features below are available to all Google Workspace customers, and are fully launched or in the process of rolling out. Rollouts should take no more than 15 business days to complete if launching to both Rapid and Scheduled Release at the same time. If not, each stage of rollout should take no more than 15 business days to complete.Improved paste values experience in Google Sheets Previously, when pasting a number in Google Sheets using Paste special > Values only, the content pasted was only the text from the original range of cells. For example, for the date 9/21/2023, paste values only would paste the date serial number of 45190. To improve upon this feature, the default for paste values for numbers will include values and the number format, meaning all of your numbers will retain their formatting as you are working in Sheets. | Available now to all Google Workspace customers and users with personal Google Accounts.

Improved paste values experience in Google Sheets

Different certificates for signing and encrypting messages in Gmail If your organization uses different certificates for signing and encrypting messages, you can now use the Gmail CSE API to upload different encryption and signature public certificates for each user. | Rolling out to Rapid Release domains now; launch to Scheduled Release domains planned for October 9, 2023. | Available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. | Visit the Help Center to learn more about using the Gmail CSE API to manage user certificates.

Allow certificate mismatches for client-side encrypted messages In some cases, the email address associated with a user’s certificate might be different from their primary email address — this is known as a certificate mismatch. Admins can now opt to allow certificate mismatches, which means their end users will be able to decrypt and read messages with a mismatch. It should be noted that we recommend allowing certificate mismatches only when this feature is absolutely required for our organization. | Rolling out to Rapid Release domains now; launch to Scheduled Release domains planned for October 9, 2023. | Available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. | Visit the Help Center to learn more about allowing certificate mismatches for client-side encrypted messages in Gmail.

Previous announcements

The announcements below were published on the Workspace Updates blog earlier this week. Please refer to the original blog posts for complete details.

Create, modify, and insert email templates within Groups messages When you’re using Groups to send messages, you can save a composed message as a template to reuse in the future. | Learn more about email templates within Groups messages.
Additional space manager capabilities in Google Chat We’re adding two new controls to the list of space manager capabilities in Google Chat that were introduced earlier this year to ensure effective conversations take place in spaces. The new “Manage apps” and “Manage webhooks” options will allow space managers to control the ability of space members to add and remove apps and webhooks to a space. | Learn more about new space manager capabilities.
Easily link to a specific message in Google Chat Building upon the recent updates in Google Chat, such as message views, in-line replies and larger spaces, we’re introducing message linking, an additional feature that helps teams collaborate more effectively. | Learn more about message linking.
Easily add or remove groups of members to a space in Google Chat We’re introducing a new app for Google Chat called Bulk Member Manager that enables space managers and space members, who have permission to manage members, to easily add or remove members to or from a space in bulk. | Learn more about the Bulk Member Manager app.
The next phase of digital whiteboarding for Google Workspace In late 2024, we will wind down the Jamboard whiteboarding app as well as continue with the previously planned end of support for Google Jamboard devices. | This update impacts all Google Workspace customers who use the Jamboard app or 55-inch Jamboard device. | Learn more about the winding down of the Jamboard whiteboarding app.
Updates regarding the transition from spaces organized by topic to in-line threading in Google Chat In 2022, we introduced in-line threading for Google Chat and since March 2023, all newly created spaces in Google Chat are in-line threaded by default. On September 30, 2023, we will begin taking the next step toward a single, streamlined flow of conversation in Google Chat: all existing spaces organized by conversation topic will be upgraded to the in-line threaded experience. We’d like to share more information regarding the migration, what to expect, as well as what’s next for Google Chat. | Learn more about in-line threading in Google Chat.
Client-side encryption in Gmail is now available on mobile devices We’re expanding client-side encryption in Gmail to Android and iOS devices, so you can read and write encrypted messages directly from your device. | Learn more about client-side encryption in Gmail on mobile devices.
Beginning September 30, 2024: third-party apps that use only a password to access Google Accounts and Google Sync will no longer be supported Google Workspace will no longer support the sign-in method for third-party apps or devices that require users to share their Google username and password. | Learn more about Access to Less Secure Apps (LSA).

Completed rollouts

The features below completed their rollouts to Rapid Release domains, Scheduled Release domains, or both. Please refer to the original blog posts for additional details.

Rapid Release Domains:
Collaborate more seamlessly with Live pointers in Google Slides
Pair your video tile in Google Meet to improve accessibility for users with language interpreters
Scheduled Release Domains:
Find what you need faster with new Google Drive organizational options
Adding bulk conversion for place chips in Google Sheets
Copy space member email address in Google Chat
Evolving collaboration in Google Chat with smart chips
Expanding autocorrect to Google Chat
Insert links in the Google Sheets app on iOS devices
Rapid and Scheduled Release Domains:
Dynamic groups now supports negation queries
Add Google Groups to spaces in Google Chat (admin control)
Create, modify, and insert email templates within Groups messages
Easily add or remove members in bulk to a space in Google Chat
Client-side encryption in Gmail is now available on mobile devices

For a recap of announcements in the past six months, check out What’s new in Google Workspace (recent releases).

Beginning September 30, 2024: third-party apps that use only a password to access Google Accounts and Google Sync will no longer be supported

Friday, September 29, 2023

What’s changing As part of our commitment to user safety, Google Workspace will no longer support the sign-in method for third-party apps or devices that require users to share their Google username and password. This antiquated sign-in method, known as Less Secure Apps (LSAs), puts users at an additional risk since it requires sharing Google Account credentials with third-party apps and devices that can make it easier for bad actors to gain unauthorized access to your account.

Instead, you’ll need to use the option to Sign-In with Google, which is a safer and more secure way to sync your email to other apps. Sign-in with Google leverages industry standard and more secure OAuth method of authentication already used by the vast majority of third-party apps and devices.

We previously announced this change in 2019, and are now ready to share an updated timeline regarding this change:

Access to Less Secure Apps (LSA) will be turned off in two stages:

Beginning June 15, 2024:

The LSA settings will be removed from the Admin console and can no longer be changed. Enabled users can connect during this time, but disabled users will no longer be able to access LSAs. This includes all third-party apps that require password-only access to Gmail, Google Calendar, Contacts via protocols such as CalDAV, CardDAV, IMAP, SMTP, and POP.
The IMAP enable/disable settings will be removed from users’ Gmail settings.
If you’ve been using LSAs prior to this date, you can continue using them until September 30, 2024.

Beginning September 30, 2024:

Access to LSAs will be turned off for all Google Workspace accounts. CalDAV, CardDAV, IMAP, POP and Google Sync will no longer work when signing in with just a password — you will need to login with a more secure type of access called OAuth.

As part of this change, Google Sync will also be sunsetted:

Beginning June 15, 2024: New users will not be able to connect to Google Workspace via Google Sync.

September 30, 2024: Existing Google Sync users will not be able to connect to Google Workspace. Here is how you can transition your organization off Google Sync. To find Google Sync usage in your organization, please go to the Admin Console, navigate to Devices > Mobile & Endpoints > Devices, and filter by Type: Google Sync.

See below for more specific guidance for admins, end users, and developers regarding this change.

Who’s impacted

Admins and end users

Getting Started

Admins

Preparing your end users

In order for your end users to continue using these types of apps with their Google Workspace accounts, they must switch to a more secure type of access called OAuth. You’ll receive more information via email with affected users in your organization in the coming months. We recommend that you share the user instructions (included below) to help them make the necessary changes.

Mobile Device Management (MDM) Impact

If your organization uses a mobile device management (MDM) provider to configure IMAP, CalDAV CardDAV, POP or Exchange ActiveSync (Google Sync) profiles, these services will be phased out according to the timeline below:

June 15, 2024

MDM push of password based IMAP, CalDAV, CardDAV, STMP, POP and Exchange ActiveSync (Google Sync) will no longer work for customers who try to connect to an LSA for the first time.

If you use Google Endpoint Management, you will not be able to turn on "Custom Push Configuration" settings for CalDAV and CardDAV.

September 30, 2024

MDM push of password based IMAP, CalDAV, CardDAV, SMTP and POP will no longer work for existing users. Admins will need to push a Google Account using their MDM provider, which will re-add their Google accounts to iOS devices using OAuth.

MDM push of password based Exchange ActiveSync (Google Sync) will no longer work for existing users. Admins will need to push a Google Account using their MDM provider, which will re-add their Google accounts to iOS devices using OAuth.

If you use Google Endpoint Management, “Custom push configuration-CalDAV” and “Customer push configuration-CardDAV” (more details about the settings here) will stop being effective.

Scanners and other devices

If you have scanners or other devices using simple mail transfer protocol (SMTP) or LSAs to send emails, you’ll need to either: configure them to use OAuth, use an alternative method, or configure an App Password for use with the device.

End users

If you are using an app that accesses your Google Account with only a username and password, take one of the following actions to continue to access your email, calendar, or contacts. If you do not take one of the following actions by September 30, 2024, you will begin receiving an error message that your username-password combination is incorrect and you will not be able to log in.

Email Applications

Outlook 2016 or Earlier

Move to Microsoft 365 (formerly known as Office 365, a web-based version of Outlook) or Outlook for Windows or Mac, both of which support OAuth access.

Alternatively you can use Google Workspace Sync for Microsoft Outlook.

Thunderbird or another email client

Re-add your Google Account and configure it to use IMAP with OAuth.

The mail app on iOS or MacOS, or Outlook for Mac and use only a password to login

You’ll need to remove and re-add your account. When you add it back, select “Sign in with Google” to automatically use OAuth.

MacOS:

iOS:

Calendar Applications

If you use an app that uses password based CalDAV to give access to your calendar, switch to a method that supports OAuth. We recommend the Google Calendar app [Web/iOS/Android] as the most secure app to use with your Google Workspace account.

If your Google Workspace account is linked to the calendar app in iOS or MacOS and uses only a password to login, you’ll need to remove and re-add your account to your device. When you add it back, select “sign in with Google” to automatically use OAuth. Read more.

Contacts Applications

If your Google Workspace account is syncing contacts to iOS or MacOS via CardDAV and uses only a password to login, you’ll need to remove your account. When you add it back, select “sign in with Google” to automatically use OAuth. Read More.
If your Google Workspace account is syncing contacts to any other platform or app via CardDAV and uses only a password to login, switch to a method that supports OAuth.

All Other Applications

If the app you are using does not support OAuth, you will need to switch to an app that offers OAuth or create an app password to access these apps.

Developers

To maintain compatibility with Google Workspace accounts, update your app to use OAuth 2.0 as a connection method. To get started, follow our developer guide on using OAuth 2.0 to access Google APIs. You can also refer to our guide on OAuth 2.0 for mobile & desktop apps.

Users with personal Google accounts: In the coming weeks we will be removing the IMAP enable/disable toggle from your Gmail settings. IMAP access is always enabled over OAuth and your current connections will not be impacted. No action is required of users.

Availability

This change impacts all Google Workspace customers.

Resources

Google Help: Check Gmail through other email platforms

Useful Links

Join the official community for Google Workspace administrators

In the Google Cloud Community, connect with Googlers and other Google Workspace admins like yourself. Participate in product discussions, check out the Community Articles, and learn tips and tricks that will make your work and life easier. Be the first to know what's happening with Google Workspace.

______________

Learn about more Google Workspace launches

On the “What’s new in Google Workspace?” Help Center page, learn about new products and features launching in Google Workspace, including smaller changes that haven’t been announced on the Google Workspace Updates blog.

______________

Updates

Allow users to install and run any internal app from Marketplace

Build content quickly in Google Docs with instant access to building blocks and more

Presented content will be captured in higher definition in Google Meet recordings

Improved search results in Google Chat

Navigate to Chrome Browser management faster in the Admin console

New Google Calendar appointment scheduling features

Configure Android zero-touch devices directly from the Admin console

Configure and bind multiple Android Enterprise Mobility Management providers

Google Workspace Updates Weekly Recap - September 29, 2023

Beginning September 30, 2024: third-party apps that use only a password to access Google Accounts and Google Sync will no longer be supported

Filter by product

Filter by date

Subscribe by feed

Subscribe by email

Localized Google Workspace Updates

Useful Links

Join the official community for Google Workspace administrators

Learn about more Google Workspace launches