To do OAuth with Gmail I have to get my app approved by Google. As always the docs are about as clear as mud. I have done the first step “Publish app”. But where do I find “Prepare for verification”?
Thanks, but no, this is not what I’m looking for. I need to get approval to use Gmail. I need to do a video next - extra stupidity never ceases. Then I’ll go hunting for the §$%%& button again.
1 Like
Is this for logging into gmail with your email client? If so, was there a particular reason to implement OAuth2 rather than just using an app-specific password?
Users can’t read “app specific password”. Sometimes they don’t know what an app specific password is. Some don’t want to turn 2factor authentication on. And finally for some the app specific passwords don’t work.
I believe that Microsoft has also imposed a similar policy to GMail… no basic password authentication… app approval required… which also requires having an account with them.
I have customers that use a lot of different email services and I have no idea how I am going to deal with this problem as more and more of them adopt this policy.
I have not tried this yet but it may be possible with at least GMail to have the User obtain their own oAuth Tokens and not go through the app approval process… by creating their own API Credentials.
As I was hinting in my question to @Beatrix_Willius , for gmail you don’t actually need to implement OAuth2. If the user is willing to log onto their gmail account, enable 2FA, and thereafter ask for an app-specific password in the Security section of their gmail account, they can, in their email app, just put that password into the pasword field for their gmail account. This is what we have done here although I take @Beatrix_Willius 's point that users may not be willing to do that (or unable to).
I have no idea about MS as I don’t use their services. No user has commented to me about it - but then I don’t have very many.
Thanks Tim, I will give that a try… but it will be a few months before I can do that.
The Gmail app specific password is one of my top user problems. Users barely remember their passwords. App specific passwords are just too complicated for many users.
Microsoft is way worse than Google. Their interface is 10 times more complicated. Bot the Azure website and the Microsoft 365 one. Many users can’t even create the app specific passwords for Microsoft 365.
I believe that Microsoft has also imposed a similar policy to GMail… no basic password authentication… app approval required… which also requires having an account with them.
As far as i remember, Microsoft didn’t ask us for any video approval. But need to get an Azure account. Don’t know if they have changed their policy since now.
I have not tried this yet but it may be possible with at least GMail to have the User obtain their own oAuth Tokens and not go through the app approval process… by creating their own API Credentials.
Yes Indeed it is possible, our app does it and Google didn’t ask for any approval process. The only issue is that we need to provide documentation for our clients about how to do it and most of the time they get discouraged.