My application needs to interact with the Google API's using some specific scopes, so I need to submit it for verification. When doing so, I use the Prepare for verification button in the screenshot below.
After completing the form, the toast message “Your app has been submitted for verification” appears and I am redirected to the same screen. However, the status "Needs verification" remains and no change is visible to indicate that my app is in the process of being verified. I am able to repeat the process without any visible change.
I submitted the application for the first time 2 weeks ago, but still no change. Is this a bug in Google's platform? How should we proceed (without having to buy a 100$/month support subscription)?
Thanks a lot
You can check your app verification status via email;
Your project's last submitted OAuth consent screen is under review. Additional information about your app, if required, may be requested via email at the email addresses you provided in the Developer contact information section of the Prepare for verification process. Expect the first email within 3-5 days.
You can find more information about this process in the Oauth Verification documentation.
If so happens that your app is a "restricted scope app" verification may take a few weeks instead of a 3-5 days.
You should have get an email with the confirmation that your app is being verified. If not try again and check your spam folder. If you aren't getting any emails then go to IssueTracker and report a bug.
Related
We configured an OAuth consent screen in Google Cloud Console. Our application is configured like this:
We only request non-sensitive scopes:
As you can see, our application needs verification because we added application logo (it is not possible to remove it, arghhhh Google). However, users can still log in without any warning. Is this expected? Will it continue to work forever, even if verification status is "needs verification".
Ok im going to assume that your application was previously verified and all you did was change the logon.
In this instance what happens is that your app gets unverified by you can apply for verification again.
Due to the fact that its just a cosmetic change ie the logo. It shouldn't take long its just a formality really.
If you check the needs-verification link you will find that it states. that if you make changes to your projects consent screen, for example by changing the logo.
Your projects last verified consent screen will be showed to the users until the changes have been verified.
So your users are just seeing the old verified screen, if you want them to see your new logo then you have to submit it for verification again. as all you changed was the logo it shouldn't take long.
Note from me: I think this is an awesome change, last i checked the app would start to though an unverified app error message to the users. IMO this is a much better option. Your users can continue to use your app unmolested while google takes there time verifying the app again.
I need help doing the verification process for one of my applications, but I do not know what the problem is, for several days I have been trying to send the application and this is the link to the application's home page
https://khotwhteech.manbij.net/Homepageapps
My application does not contain any linked site and Google's response is as follows. Hi,
Thank you for your response.
To proceed with the verification process for your project khotwhteech, you will need to provide a homepage that accurately represents your app's identity to Google users.
To update the homepage URL linked to your OAuth Consent Screen, you may do so by taking the following steps:
Sign-in to Google Cloud Console
Select the project ID:khotwhteech
Go to Credentials on OAuth consent screen
Enter the homepage URL
Click Submit
Please reply to this email once you have made the appropriate updates to your site and/or your OAuth Consent Screen so that we may continue with the verification process.
Thank you for your patience. If you have any questions, please reply directly to this email. I don't know what's wrong, is there any advice or way to solve?
I have created a Gmail/Calendar add-on in Google Apps Script and I want to publish it to the marketplace.
I am following the steps at https://developers.google.com/workspace/marketplace/configure-oauth-consent-screen#fill_out_the_oauth_consent_screen. I am on the "Submit for OAuth verification" step which leads to https://support.google.com/cloud/answer/9110914#submit-howto. It says:
Click the Edit App button.
Enter the information required on the configuration page, and then click Submit for verification. If the submit for verification button does not appear at the end of the configuration pages, save what you have completed and repeat steps 1-4.
I have gone through all the steps but the Submit for verification never comes up. I'm not sure what I am doing wrong?
Your first problem is that you do not have a domain name that you own/control. gmail.com and github.com are not owned by you.
Verify your site ownership
Your second problem is that you are requesting restricted scopes. Google will probably demand a security audit. Sensitive scopes can also trigger an audit.
To verify, create another client and remove the sensitive and restricted scopes and add a domain name that you own/control. To read more about the effect of scopes and possible exceptions:
Sensitive and Restricted Scopes
I made a script using Google Ads API to get reports from Google Ads. But the refresh token expires every 7 days. I found out that it happens because the app should be published (have publishing status "In production" instead of "Testing"). So I did it.
But then the Verification status changed to "Needs verification".
An option "Prepare for verification" appears
If I try to "Prepare for verification" than it requires to authorize domain of my app.
So this is an option for cases when someone wants to make an app for multiple users.
But it's not my case, I just get reports from my own Google Ads account.
I found out that probably the problem could be solved if I change User type of my app from "External" to "Internal". But it seems that it only an option for Google Workspace users.
But as I see on their site it is not free.
I am sure there should be some free option how to do this. Everything else works fine, the problem is just the refresh token expiration. Maybe I missed something, please help.
There is, just set it to test and add yourself as a user.
Our desktop application integrates with Facebook using the desktop app workflow and for approx. 18 months has been working without any problems. However, we are starting to get reports from some users that they cannot get past the login process.
When the login is successful Facebook should be attaching the access_token to the redirect_uri. Our application detects this and moves the user to the main part of our Facebook integration. What appears to be happening in some situations is that the access_token parameter is missing which causes our application to leave our embedded browser window open with the following message from Facebook:
"Success
SECURITY WARNING: Please treat the URL above as you would your password and do not share it with anyone."
What is strange is that this does not occur with all Facebook accounts and which Facebook accounts it occurs with seems to be changing. For example, we had a report of this approx. 1 week ago but could not duplicate it with my own Facebook account or with a colleague's Facebook account. Today, I still cannot duplicate it with my own Facebook account but my colleague now gets the problem.
The URL our code sends to Facebook is:
https://graph.facebook.com/oauth/authorize?client_id=xxxx&redirect_uri=http://www.facebook.com/connect/login_success.html&type=user_agent&display=popup&scope=read_friendlists,user_photos,friends_photos,user_photo_video_tags,friends_photo_video_tags,user_events,friends_events,user_groups,friends_groups
Reading the latest API documentation it looks like they recommend a different way to connect which we have also tried:
https://www.facebook.com/dialog/oauth?client_id=xxxx&redirect_uri=http://www.facebook.com/connect/login_success.html&scope=read_friendlists,user_photos,friends_photos,user_photo_video_tags,friends_photo_video_tags,user_events,friends_events,user_groups,friends_groups&response_type=token
To rule out our application as the cause we have tried these URLs directly within a web browser. What we find is that when using my Facebook account the browser re-directs to the success URL that includes the access_token parameter but when using my colleague's account the browser re-directs to the success URL that includes the access_token and then immediately re-directs again to the success URL without the access_token.
so... As far as we can tell this is either:
a) A change to the API which we cannot find documented anywhere
b) A bug in Facebook
c) Something that is now controlled by the user's Facebook security settings
Is there anybody who could explain why Facebook is acting differently with different accounts and how we can go about fixing this?
Thanks.
Kevin.
I have the same problem in my desktop applications.
And I just solve it with careful reading in ht*ps://developers.facebook.com/docs/howtos/login/login-for-desktop/. The solution is to change redirect_uri from ht*p://www.facebook.com/... into ht*ps://www.facebook.com/...
Hope this will help you just like it help me
NB:
change ht*p into http
sorry i have to change the http into ht*p so that i can post the answer.