Got a dashboard, admin panel, or internal tool you want online but not open to the world? Publish it like any other app, then put a Google sign-in gate in front of it.
zomg service start tools dashboard --port 8080 --publish tools -- node server.js
zomg auth box tools --required
Now anyone hitting https://tools.<domain> has to sign in with Google first.

Decide who gets in

By default, sign-in is limited to your Google Workspace domain. You can widen or narrow that:
# Allow a whole domain
zomg auth settings --allowed-domain example.com

# Allow specific people
zomg auth settings --allowed-email alice@example.com
Each app can opt in or out on its own — require auth on the sensitive ones, keep a marketing page public:
zomg auth box tools --required   # gate this one
zomg auth box site --public      # leave this one open

Lock down everything else too

Auth isn’t just for published apps. You can require sign-in on unpublished box URLs and system routes like the dashboard and API, so nothing is reachable without a Google login:
zomg auth settings --protect-unpublished --protect-system

Keep going

Auth

Set up the Google OAuth client and configure who can sign in.

Services

Publish an app and manage it.