Google Advanced Protection (GAP)

Google Workspace Accounts

By default, Superhuman isn’t compatible with Google Advanced Protection (GAP). However, we've found that it is possible for Superhuman to coexist with GAP if the account is part of a Google Workspace and the Workspace Admin explicitly allows Superhuman to have access.


Note that this is not yet possible for personal Gmail accounts.


If you have an account that is part of a Google Workspace (i.e., your work email), your Workspace Admin can adjust your Workspace settings to enable Superhuman:


How to adjust your Google Workspace settings

  1. Go to admin.google.com
  2. Under Security click on API Controls 


  3. Ensure that this box is not checked (the default is not checked): 


  4. Visit Manage Third-Party Access (here's a direct link to that page): 


  5. Click on Add App then from that dropdown click on OAuth App Name Or Client ID
  6. Type in 649336022844-5drlcmeo8tov7aabf8atnrbnsv3t1447.apps.googleusercontent.com then hit Search and select Superhuman

  7. Check the client ID and click Select


  8. Select Trusted then click Configure
  9. Follow steps 5-8 again to configure our iOS app. This time use the client ID 649336022844-jlrmhbd93nmaigclvn6etjfnttrlh7v7.apps.googleusercontent.com for step 6.

  10. Follow steps 5-8 again to configure our Android app. This time use the client ID 649336022844-grdoc08d9gq2ka8jaukdrq2p43mhcdg6.apps.googleusercontent.com for step 6.

As a heads up, you may need to use OAuth App Name or Client ID for the iOS app rather than selecting iOS.
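
Step 7 asks you to check the client ID before trusting the app, and the same check can be run over grants that already exist in the Workspace. The following is an added example, not Superhuman's or Google's code: it assumes grant records shaped like the Admin SDK Directory API tokens.list items (clientId, displayText, userKey), runs on constructed sample data, and audit_grants is a hypothetical helper name.

```python
import json
import unicodedata

# Client IDs copied from steps 6, 9 and 10 above.
SUPERHUMAN_CLIENT_IDS = {
    "649336022844-5drlcmeo8tov7aabf8atnrbnsv3t1447.apps.googleusercontent.com": "web",
    "649336022844-jlrmhbd93nmaigclvn6etjfnttrlh7v7.apps.googleusercontent.com": "iOS",
    "649336022844-grdoc08d9gq2ka8jaukdrq2p43mhcdg6.apps.googleusercontent.com": "Android",
}


def audit_grants(grants):
    """Return (verified, lookalikes).

    verified:   grants whose client ID is one of the three listed on this page.
    lookalikes: grants that display a Superhuman-like name under any other
                client ID. The display name is chosen by the app's publisher,
                so only the client ID identifies the app.
    """
    verified, lookalikes = [], []
    for grant in grants:
        client_id = grant.get("clientId", "").strip().lower()
        # NFKC folds full-width and other compatibility characters before matching.
        name = unicodedata.normalize("NFKC", grant.get("displayText", "")).casefold()
        user = grant.get("userKey", "")
        if client_id in SUPERHUMAN_CLIENT_IDS:
            verified.append((user, SUPERHUMAN_CLIENT_IDS[client_id]))
        elif "superhuman" in name:
            lookalikes.append((user, grant.get("displayText", ""), client_id))
    return verified, lookalikes


# Constructed sample records (assumed tokens.list item shape, not real data).
SAMPLE_GRANTS = json.loads("""[
  {"userKey": "alice@example.com", "displayText": "Superhuman",
   "clientId": "649336022844-5drlcmeo8tov7aabf8atnrbnsv3t1447.apps.googleusercontent.com"},
  {"userKey": "alice@example.com", "displayText": "Superhuman",
   "clientId": "649336022844-grdoc08d9gq2ka8jaukdrq2p43mhcdg6.apps.googleusercontent.com"},
  {"userKey": "bob@example.com", "displayText": "Superhuman Mail",
   "clientId": "000000000000-constructedexample.apps.googleusercontent.com"},
  {"userKey": "bob@example.com", "displayText": "Calendar Sync",
   "clientId": "111111111111-constructedexample.apps.googleusercontent.com"}
]""")

if __name__ == "__main__":
    ok, suspicious = audit_grants(SAMPLE_GRANTS)
    for user, platform in ok:
        print(f"verified   {user}: Superhuman ({platform})")
    for user, shown_name, cid in suspicious:
        print(f"LOOKALIKE  {user}: '{shown_name}' uses unlisted client ID {cid}")
```

Any grant reported as a lookalike should not be marked Trusted in Manage Third-Party Access, since its client ID is not one of the three given in the steps.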

Personal Gmail Accounts

GAP and Superhuman are not compatible for personal Gmail accounts. However, many Superhuman users do not require GAP for their personal accounts:


GAP does three things:

  1. Requires you to use a U2F 2-factor-auth device (like a YubiKey) instead of getting text messages or using an authenticator app.
  2. Prevents third-party clients (like Superhuman or Apple Mail) from accessing Gmail or Google Drive.
  3. Prevents automated password recovery (to protect against the case where someone has access to your backup email address).

You can get the security advantages of #1 without sacrificing #2, by setting up two U2F devices in your Google Account's 2-factor-auth settings, and removing your phone as a 2-factor-auth device.