ClarityTrack Personal debt payoff tracking
Tip: You can also ask Clarity this question directly inside the app.
Entry point: /settings (Email Connections section)

Configure the email domain allowlist

After you connect Gmail, you choose which sender domains ClarityTrack is allowed to read. Only emails from senders on the allowlist are scanned. Everything else is ignored, including personal email, work email, marketing, and any sender domain you have not explicitly approved. To set the list, open Settings, scroll to Email Connections, and edit the Allowlist.

How to do it

  1. Sign in to ClarityTrack.
  2. Open Settings from the Dashboard header.
  3. Scroll to Email Connections.
  4. Find the connected Gmail account and click Manage allowlist.
  5. Add sender domains one at a time. Examples:
    • chase.com
    • americanexpress.com
    • paypal.com
    • venmo.com
    • apple.com
  6. Save. ClarityTrack only reads emails from senders matching one of these domains.

Why narrow-scope is the default

ClarityTrack requests the read-only Gmail scope from Google (gmail.readonly). Within that scope, ClarityTrack still applies its own allowlist filter as a defense-in-depth measure: even if the OAuth token is valid for the whole inbox, the application only looks at messages whose sender domain is on your list. This keeps personal email untouched and minimizes the data exposure.

Common questions

What domain should I use for my bank?

Use the domain on the sender address. Open one of your bank statement emails, click on the sender, and copy the part after the @ sign. Example: a Chase statement might come from [email protected], so the allowlist entry is em.chase.com or chase.com.

Can I use wildcards or partial matches?

Yes. Adding chase.com matches any subdomain like em.chase.com, secure.chase.com, etc. You do not need to add each subdomain separately.

What if my bank sends from multiple unrelated domains?

Add each one. Some banks change sender domains for different communications (statements vs marketing vs alerts). Inspect a couple of recent emails and add whichever ones carry the financial content you care about.

What gets scanned for an allowed domain?

Sender, subject, body text, and text-extractable PDF attachments (typical for statements). Image-only attachments are not OCR'd. The extracted financial data (balances, due dates, payment amounts) lands in your ClarityTrack account as ingested message records.

See also