If a G Suite organization has limited the ability to install G Suite applications, a few extra steps need to be taken by a G Suite admin to allow signing into Gem Scheduling. If you try to sign in, you'll see the authorization error "Error 400: admin_policy_enforced".
If you're not a G Suite admin, you can share this document with someone who is, though there's a good chance they'll already know how to configure things correctly.
Allowing the Gem Scheduling app to have API access
To allow users to sign into Gem Scheduling, you'll need to configure it to have API access through the G Suite admin portal.
First, click on "Security", and then "App access control" at the bottom.
Next, click on the "Manage Third-Party App Access" button.
Then, click on the "Configure new app" dropdown and select "OAuth App Name Or Client ID".
In the next window that appears, you can search for the name "Gem Scheduling", and it should be the only result that appears. If it's not the only one that shows up, you can search by our Client ID which is 575075043910-q559caeor0uvn2aeo1v49p0srdpa5hpl.apps.googleusercontent.com. Once you've found it, click "Select".
On the next step, select the only OAuth Client ID available, 575075043910-q559caeor0uvn2aeo1v49p0srdpa5hpl.apps.googleusercontent.com, and click "Select".
On the last step, select "Trusted: Can access all Google services", and click "Configure". This doesn't mean we get access to everything, it only means we can now request access to use specific APIs. For a full list of API permissions we use, see this article.
Once you've done that, users should now be able to sign into Gem Scheduling.