For one of our customers we have made a connection in our software with YouTube, by the documented API, for streaming live video-content on the YouTube platform. Therefore we implemented the API-connection in our software, got a test-account and tested our software with de API-connection. Everything is working fine, so we request a verification of the Trust and Safety Team via the OAuth Verification process, so we can use our software for more than just 100 users.
We started the request at the end of May 2020. Although the verification status is showing that we will receive an email within 4 to 6 weeks we still have not received any email or acknowledgement via the developer console. There is no reaction of the team at all.
Is there anyone else who experienced this, if so is there a way to either restart the verification process or get in touch with the Trust and Safety Team at Google/YouTube.
Related
We have an application that currently supports users integrating their Google accounts to allow us to index their Gmail, Google Drive and Google Calendar content. We use the Google OAuth process to ask for these permissions, and had gone through Google's verification process in the past to support this.
Recently, Google rolled out a new OAuth verification process for restricted scopes (which now include reading gmail and calendar). We've been engaged in completing the new process for weeks now, and they've been very slow to respond, and have even temporarily blocked us from authorizing new users. Our latest communication with them had them claiming that we were a "development" app and that we should submit for verification when we are in production. I responded to them saying that we are a production application, just have an invite-only process to let new users in, but have 1000s of users and are expecting to grow very quickly in the new few months. Given the amount of frustration their support has already caused me, I'd really like to get in touch with a real person there. Does anyone have any suggestions for how to get in touch them?
If anyone from Google is on this forum, I'd also love to get some help. This is holding up us letting in new users into our product.
Have already responded to the thread saying that we're a production app. Have also forwarded the thread to oauth-feedback#google.com.
I am developer and maintainer of an Angular web app which uses Google OAuth. This works normally.
Last week the app users (me including) started receiving standard Security alert emails from Google (no-reply#accounts.google.com) on a daily basis. The Email says "Appname was granted access to your Google account". This is of course bad signal to the users.
When clicked on "Check Activity" in the Email it always says:
Unrecognised device
X hours ago
Unknown (location)
This is the case for all users tested on many different devices and IPs.
Recently I have upgraded from Angular 5 to Angular 7 if that might help.
Also recently I noticed absolutely the same behaviour when I sign-in to Dropbox using a Gmail. The application I am responsible for is not storing session data for privacy reasons so the users are asked to Sign-in with Google every time they want to use the app. I noticed this behaviour just a week ago (devices and locations not recognised) by Google.
The google group (https://groups.google.com/forum/#!forum/oauth2-dev) redirected me to Stackoverflow. Any help is much appreciated! :)
We are sending notifications to users when they approve certain scopes. That list is expanding and more apps will see the notification.
Thanks for the feedback. Looks like the unrecognized device was an issue and we have rolled back that experiment.
Ideally an app should see the notification only once and for non basic scopes (basic scopes being email, profile etc).
I have developed an automation software for verifying Google oAuth using Gmail account sign(configured my own 4 gmail accounts). It is actually working fine from my machine.
While automation runs from a remote machine(ran from jenkins with 3 hrs of interval) we are obtaining a pop up for 'verify its you'. :(.
Also I verified each configured account, I can see remote ip is listed on my "Devices & Activity" page as an Unknown Device and it keeps getting refused (in all configured gmail account).
At some point I clicked on this device as being okay, but it continues to get blocked
The message listed under it is We recently prevented a sign-in attempt to this device. You indicated this attempt as yours. For your security, we'll continue to show this device in the list for two weeks. You can also review this event in your Notification & alerts page.
How can I stop this from happening? If I go to the Notification and Alerts page, there is still no option to stop this.You can see in the message that I clearly indicated the attempt as mine, but Google continues to stop it.
I have tried following method , but didn't worked.
Less secure apps option in the gmail account
tried this url, https://accounts.google.com/DisplayUnlockCaptcha
also tried resetting password for each configured account
Please help
A client is using Coschedule to push updates to LinkedIn via their employees' profiles. They noticed recently that Coschedule is giving error messages when they try to push updates to employee pages. The Coschedule technical team did some digging and determined it's an issue with LinkedIn's API, which they believe may have been updated recently (?).
Errors started occurring a couple weeks ago, the app was previously running fine.
They are hoping for more information on LinkedIn's API / how to resolve this as soon as possible as it's generating multiple error message and error emails per employee per day.
Thanks!
Tia
The outage we saw a few weeks ago was due to LinkedIn depricating the version of OAuth we used to connect LinkedIn profiles/company pages to Calendars. We've since switched to OAuth2, and if your client or your team is still having issues and seeing authentication errors when trying to send out messages, we recommend doing a hard reset of those LinkedIn profiles: https://help.coschedule.com/hc/en-us/articles/216529237-Hard-Reauthentication-for-Social-Profiles-When-Auth-Token-Keeps-Failing#LinkedIn
Best practice is to use an incognito browser window as well.
If you're still getting stuck, reach out to our support channel (support#coschedule.com)and we would be happy to take a closer look!
I'm getting some rather conflicting information from PayPal. I've spent 2 hours on the phone with them today, and posted my questions on their forums, and I have not received one single solution. So I am turning to SO since people here actually know what they're doing.
I am trying to add the AddressVerify and MassPay APIs to our website. We are currently using the Payflow Pro (DirectPayment, etc) calls with no problems. This uses our PayPal Manager login, password and vendor credentials for authentication via the HTTPS interface. This is all written in PHP using NVP.
However, when I try to add the AddressVerify and/or the MassPay APIs using the HTTPS interface, all I get back is a PNREF and an error saying, "Invalid Tender."
On the forums, I see everyone using email addresses as logins, and a certificate key of some sort. I called PayPal today to figure out how the heck to get that information, and the developer there said I don't use the login with the key and that I'm using the wrong SDK. He told me where to get the Dev Guide and that I should use that instead.
However, the dev guide only outlines what we're already using, and I wasn't about to sit on the phone for another hour and 40 minutes.
So my question is this:
Am I just missing something, or did I just get some bad information? I'm guessing it's the latter, because nobody there seemed to know squat about jack diddly.
Am I correct in assuming that the code ( as outlined here ) is what I should be using? If so, how do I obtain a signature key and presumably a new login & password?
If the dev guy from PayPal is correct and I should be using the HTTPS Interface, then how do I get that to work? Because like I said above, all I'm getting from that is a PNREF and an error message saying, "Invalid Tender."
If anyone has any experience with this and/or some suggestions on how to get this stupid thing to work, I'd be forever greatful!
Thanks in advance!
Brian
In case anybody is interested in knowing, I received a response from the devs at PayPal:
If you are using Payflow then you should be using the Payflow Pro SDK, it would require a User, Vendor, Partner, and Password in the credentials that get passed over. It would also return a PNREF number. If you are wanting to use Website Payments Pro, then your SDK would have either a API Username, API Password, API Signature, or an API Username, API Password,and API Certificate. The AddressVerfiy API is an API that is available for Website Payments Pro/PayPal accounts not Payflow. You can find all of the SDK's for both services here. The Payflow SDK's are the ones at the bottom of the page.
So apparently MassPay and AddressVerify is part of the Web Payments Pro, which uses a different SDK than the Payflow Pro stuff. And for this, you need to obtain a separate username, password, and certificate or key. The Payflow Pro credentials will not work with this.
Hope someone else can benefit from my hours of wasted time!