Workplace App Review

All Third Party Apps are reviewed by Workplace before they can be used by customers and annually thereafter. This page will help you to prepare for and successfully pass the app review process.

What is App Review?

App Review is a process that we use to ensure the best possible Workplace experience for your app’s audience. The process aims to help people feel in control of how your app is using their data by requesting only the permissions your app needs to provide a great user experience. App Review happens at the permission level,so even if you have completed it once, and then decide to add permissions to your integration, you may need to submit for review again.

When to Submit?

You can begin the review process at any time, and you can edit your submission before it is reviewed, but we recommend that you begin a submission only after you have thoroughly tested your app and you are ready for release. If your app has already gone through App Review and has been approved for specific permissions then changing the information in Integration Directory will require you to complete the review process here.


App review follows having requested a Third Party app and having completed your app development. When ready, this page describes what you need to do to submit your app for App Review and to complete Business Verification.

Prepare for App Review

If you are an independent software vendor (ISV) that wants to integrate your SaaS product with Workplace and make it available to our customers, you must first request a third party app. If your request is approved, you will then need to integrate your product with Workplace's install flows, APIs, and webhooks (as applicable).

During the app creation request, you are required to supply a User ID of a Facebook user who can be added as a Admin on your Workplace app. This individual can configure your app via

The following steps describe how to prepare for App Review:

Complete Business Verification

Business verification allows us to verify your identity as a business entity, which we require if your app will be accessing sensitive data. All ISVs that offer Third Party Apps to Workplace customers must have completed Facebook's Business Verification. This step is required once per company, irrespective of the number of apps the company supports. The instructions to complete this step is outlined below.

  • Go to Settings -> Basic
  • In the Business Verification section, select Get Started button
  • In the dialog either select from the list of existing Business Manager Account of which you are an admin otherwise Create Business Manager Account
  • Click on Submit to link the app to the Business Manager Account
  • Go to Business Manager -> Business Settings -> Security Center
  • Follow the instructions and fill in the details to complete Business Verification

Please ensure the person initiating the above steps is the admin of both the app and the business in the Business Manager.

Configure your App

Your app admin will need to configure the following values:

  • App Name (no more than 30 characters)
  • App Icon (1024x1024, PNG format with transparent background)
  • Redirect URL (under "Facebook Login")
  • Tagline (recommend 40 chars max) (under "App Center")
  • Short Description (recommend 50 words max) (under "App Center")
  • Publisher (under "App Center", no more than 30 characters)
  • Marketing URL (under "App Center")
  • Terms of Service URL (under "App Center")
  • Privacy Policy URL

Prepare Your Workplace Directory Listing

Selected apps will featured within the Workplace Integration Directory. Therefore you are required to configure your app with the following information:

  • Integration name
  • Developer / publisher Name
  • App logos and icons
  • A subtitle / tagline
  • A description of your integration
  • External links
  • Privacy policy and terms of service page URLs
  • Showcase images or screenshots

The requirements for each of these items are described below:

Integration Name

A string which represents your app's name. This will be visible in the directory and wherever your app is referred to. If your integration has a bot, this will also be the bot's name, unless your app supports white-labeling.

Maximum Character Length: 32

  • “Dropbox”
  • “Envoy”
  • “Jira”

Developer/Publisher Name

A string that represents your company/organization. Will be used alongside the integration name to help people understand who is responsible for the functionality of the integration.

Maximum Character Length: 32

  • “Dropbox, Inc.”
  • “Recognize Services, Inc.”

App Logo & Icons

  • A 1024 x 1024 png. This will be used as the icon image for your integration in the directory, the install dialog and various other places where we need a larger icon. If your integration has a bot, this will also be the bot's icon. We will scale this down to multiple sizes.
  • A 64x64 colour app favicon (transparent PNG). This will be scaled down to 32x32 and 16x16 formats.
  • A 64x64 monochrome (black) app icon (transparent PNG). This will be scaled down to 32x32 and 16x16 formats.
  • Primary Brand Color (hex). This will be used to colorize your app's monochrome icon in certain circumstances and may be user as background/header colour where we promote your integration.

App Subtitle / Tagline

A short sentence description of what your integration does. This will be shown in the directory where we list multiple integrations together, and in the integration install dialog.

  • “High quality video conferencing.”
  • “Quick and simple surveys via Chat.”
  • “The new standard for visitor registration.”

Maximum Character Length: 40

Integration Description

A clear description of what your integration/app does and why people should install/enable it. This will use shown in your integration's directory listing.

Maximum Character Length: 400

  • Learn More - direct link(public to the internet) where users can go to learn more about what your app/product does and how your integration works. This may be a blog post which details your integration's functionality, or a help center/support article that gives more detail to people on what they can expect once your integration is added to their Workplace. For example:
  • Setup Guide - direct link (public to the internet) to a document containing the setup / configuration steps that an admin needs to take to prepare your app for use with Workplace. If the app needs to be setup outside of Workplace then ensure to list the steps required for the same.
  • Privacy Policy - direct link (public to the internet) to a document containing your app's privacy policy. This URL will be linked for all admins upon initiating an install of your app.
  • Terms of Service - direct link (public to the internet) to a document containing your app's terms of use. This URL will be linked for all admins upon initiating an install of your app.

Customer Support

You may supply one or both of Customer Support Documentation or a Customer Support Email address, but at least one of these is required.

  • Customer Support Documentation - A publicly visible user-facing URL to where users/customers of your integration can go to ask questions and raise bugs. Ideally this URL should directly let a user input a support request, but at a minimum there must be clear instructions on how to do so.
  • Customer Support Email - A user-facing email addreess where users/customers of your integration can go to ask questions and raise bugs. Please endeavour to ensure that people receive a reply within 24 hours. If you're unable to provide that turnaround, you should setup an auto-reply which confirms receipt and provides an expected timeframe for your response or directs people to another channel where they can file bugs or give feedback about your integration. Our support team will pass this email address to Workplace customers if they contact us about a problem with your integration.


A set of images that showcase what your integration does. You can include a mix of mobile and desktop screenshots. You must supply between three and eight images.

Each image must be:

  • 800px high
  • between 400px wide (min) and 1000px wide (max)
  • full-bleed PNG

Submit For App Review

Once the above steps are completed, you are ready to submit for App Review.

As part of the review, our team will verify that your integration uses the minimum number of required permissions to provide your app's functionality and that your configuration is complete. You may be given feedback on your integration at this stage.

App Review Submission Steps

  • Make sure to fill out all the fields (as described above) in the Details tab under Workplace
  • Click on the Review tab under Workplace to start the submission
  • For every permission click on "Add to Submission" button (All the permission granted during app creation will be subjected to app review)
  • In the Current Submission section, for every permission click on Edit Details and complete the following:
    • Detailed explanation on how the permission is enabling the intended functionality and interaction with the user
    • Upload a screencast based on the specified requirements which demoes the use of the permission
  • Click on the Edit Details for App Verification and provide 2 test user credentials for the review team to configure and test the app in Workplace
  • Click on Submit for Review once all the information is provided

Next Steps

Your app may be required to pass Workplace's security review process, which is required for:

  • Any app that uses at least one medium- or high-sensitivity permission
  • Chat bots that can be added to group chats
  • Any chat bot that inherently sends sensitive Personally Identifiable Information (PII) in chat messages
  • Other circumstances, as deemed necessary by Workplace