If you're seeing an "Error 400: policy_enforced" message when accessing one of your Gmail accounts within Shift, this is indicative that you need to adjust your email account's security settings, internally, at the administrative level.
This particular error message is delivered when a Gmail account has had "Advanced Protection" enabled. When "Advanced Protection" is enabled within your Google account, non-Google apps and services are blocked by default from accessing your Google Drive and Gmail.
Google Support article on Advanced Protection, here.
The administrator of your Gmail account will need to manually grant Shift access to your Google data.
Here's how to adjust your settings such that Shift is granted access under Advanced Protection:
- When receiving the "Authorization Error" screen, click on "Request Details" and take note of the "client_id" (which ends in .apps.googleusercontent.com) - this is important for later in the process.
- Log in to the Google admin console (https://admin.google.com)
- On the left sidebar menu, click on "Security", then "API Controls".
- On this page, under the "Overview" section, click on "MANAGE THIRD-PARTY APP ACCESS".
- On the next page, in the table called "Configured apps", click on "Add app" and select "OAuth App Name or Client ID"
- On the next page, type in "Shift" and click "SEARCH". Select "Shift" from the results list (make sure it's the one that has the Shift app icon on the left).
- You will be presented with a table that shows the Client ID of apps that have previously tried to access their accounts. Look at the "client_id" that you were asked to take note of in step one, select the one that matches, and click "SELECT" at the bottom of the screen.
- Go back into Shift, and hit Command + R (Mac) or Control + R (Windows) in that email account to clear the error.
- You will now be able to access that email within Shift.
Find answers to other common questions and issues here.
Learn about using emails in Shift here.