According to the article
https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html
InApp webview authentication request will be blocked from 20th April. But it seems that it is still running for our customers.
Our team is already in process of migration to new SDK . Do we have any tentative dates like when the requests will be actually blocked
Thanks
Related
UPDATE: Pinterest support got back to me and confirmed that the Ver. 1 API is broken. Instead of fixing it they have offered to expedite my new app approval. I heard back from them quickly, but it's been almost a week now from submitting the materials they requested for the new app. I submitted them the same day they asked for them.
I'm having essentially the same problem that this user was:
Pinterest Authorization failed
This is an app that has been approved and working for years and we have started getting this error just in the last week when sending a GET request to https://api.pinterest.com/v1/me/boards:
{"status":"failure","code":3,"data":null,"message":"Authorization failed.","endpoint_name":"get_own_boards"}
In the header I of course have the access token, which I had just received from Pinterest successfully:
"Authorization: Bearer Ah-ObYMmQFc-(REDACTED)"
The other strange wrinkle is that when I try the same request but with the access token from the Pinterest user that owns our app on Pinterest it works as expected.
I know that this has been an issue previously, but I didn't see anyone reporting it currently. The other thing is that this endpoints are being deprecated, but the new ones are only in Beta. I have an application in for the new API, which I would love to switch to, but I don't know how long that will take. Can anyone please help with this?
I went through the approval process for V2 but they denied it. They are very strict. I don't think that a App gets approval if it's not from a known brand or company. So, say goodbye as a single dev to use the Pinterest API anymore.
I'm getting the same thing with one of my apps, it seems that they shut down version 1 before opening up version 2. I've had an app that has been working flawless a while now and stopped working a couple weeks ago.
As of right now, i had to create a new app in the version 2 of their system and waiting for approval. It's been about 2 weeks and of trying to get approval but still waiting.
Create a new app and reach out to support is my best bet, haven't found any documentation for their new API or any blogs related to it being deprecated.
Pinterest support got back to me and confirmed that the Ver. 1 API is broken. Instead of fixing it they have offered to expedite my new app approval. I heard back from them quickly, but it's been almost a week now from submitting the materials they requested for the new app. I submitted them the same day they asked for them.
I am developer and maintainer of an Angular web app which uses Google OAuth. This works normally.
Last week the app users (me including) started receiving standard Security alert emails from Google (no-reply#accounts.google.com) on a daily basis. The Email says "Appname was granted access to your Google account". This is of course bad signal to the users.
When clicked on "Check Activity" in the Email it always says:
Unrecognised device
X hours ago
Unknown (location)
This is the case for all users tested on many different devices and IPs.
Recently I have upgraded from Angular 5 to Angular 7 if that might help.
Also recently I noticed absolutely the same behaviour when I sign-in to Dropbox using a Gmail. The application I am responsible for is not storing session data for privacy reasons so the users are asked to Sign-in with Google every time they want to use the app. I noticed this behaviour just a week ago (devices and locations not recognised) by Google.
The google group (https://groups.google.com/forum/#!forum/oauth2-dev) redirected me to Stackoverflow. Any help is much appreciated! :)
We are sending notifications to users when they approve certain scopes. That list is expanding and more apps will see the notification.
Thanks for the feedback. Looks like the unrecognized device was an issue and we have rolled back that experiment.
Ideally an app should see the notification only once and for non basic scopes (basic scopes being email, profile etc).
A client is using Coschedule to push updates to LinkedIn via their employees' profiles. They noticed recently that Coschedule is giving error messages when they try to push updates to employee pages. The Coschedule technical team did some digging and determined it's an issue with LinkedIn's API, which they believe may have been updated recently (?).
Errors started occurring a couple weeks ago, the app was previously running fine.
They are hoping for more information on LinkedIn's API / how to resolve this as soon as possible as it's generating multiple error message and error emails per employee per day.
Thanks!
Tia
The outage we saw a few weeks ago was due to LinkedIn depricating the version of OAuth we used to connect LinkedIn profiles/company pages to Calendars. We've since switched to OAuth2, and if your client or your team is still having issues and seeing authentication errors when trying to send out messages, we recommend doing a hard reset of those LinkedIn profiles: https://help.coschedule.com/hc/en-us/articles/216529237-Hard-Reauthentication-for-Social-Profiles-When-Auth-Token-Keeps-Failing#LinkedIn
Best practice is to use an incognito browser window as well.
If you're still getting stuck, reach out to our support channel (support#coschedule.com)and we would be happy to take a closer look!
Today, many YouTube developers received a message from Google telling them the following:
As of April 20, 2015, v2 API endpoints will be shut off. However, YouTube will keep the v2 versions of some features, like video uploading, comments, captions, flagging features accessible for a grace period past the shutdown date.
Also, they asked developers to test their application's reaction to the v2 API shutdown, point it to eol.gdata.youtube.com instead of gdata.youtube.com.
I just changed my API to "eol.gdata.youtube.com" instead of "gdata.youtube.com" and it works fine.
My question is: As long as direct video uploading to YouTube is no longer supported in API v3, does it mean Direct Video Uploading will be not available in v3?
More about migration your application at
https://developers.google.com/youtube/v3/migration-guide
The above question I found in FAQ in Apple's Tech Notes (QNo: 15). They gave an answer like this:
Use the sandbox URL https://sandbox.itunes.apple.com/verifyReceipt
while testing your application in the sandbox and while your
application is in review.
Use the production URL http://buy.itunes.apple.com/verifyReceipt once your application is live in the App Store.
But in In-App Purchase Programming Guide (Verifying a Receipt with the App Store Section). Apple provides an url like this:
Post the JSON object to the App Store using an HTTP POST request. The
URL for the store is https://buy.itunes.apple.com/verifyReceipt.
Note that first url is using http for live account for verifying In-App Purchase while second one is using https. Which one i should use? My app got rejected because server is not getting correct response, when it sends receipt to Apple. I am using https://buy.itunes.apple.com/verifyReceipt for verifying receipt.
the best way is to first verify with the production server. if you get a 21007 code back you should make another call to the sandbox server. this is needed because during the submission process you're not always sure whether they'll use the live or sandbox server. it needs to work on both.
here's some source code that verifies receipts in safe way (counters the app store hack from last year). i added the above code to this project that will first check with the production server and then fall back to the sandbox server:
https://github.com/evands/iap_validation
EDIT: i wouldn't use that code above anymore in iOS 7. i think there are some problems with it!