Insert swear words here. As if the Apple security stupidity wasn’t enough I now get something even worse for Gmail. I need to “verify” my app with Google. This is the beginning of an email I just got:
[quote]In order to continue, youll need to create and provide a link to YouTube video, in English, that shows how your users will grant permission for you to access their data. In addition, you should show us, in detail, how youll use the data you access using OAuth scopes for each OAuth client belonging to the project: xxx
If your app requires registration or features a local login, please whitelist/authorize our test email account oaxxx@gmail.com to allow us to test and validate your apps functionality.
??OR If your project requires prepared conditions, please provide us with the username and password of a test account that is registered for your app.[/quote]
I did hear from a user of my email client that access to one’s gmail account via an email client is to be limited to IMAP and would require OAuth. I replied that I wasn’t planning to add IMAP to my client.
@Brian Franco: no, unfortunately, the email is not spam.
@jim mckay : I don’t plan on the full verification. Did you check the prices? That costs between 14k and 75k in Dollars!!! These guys are crazy. They want to force out small vendors like me.
@Tim Streater: how do you do an email client without IMAP? And yes, Gmail loves their OAuth. If you do “less security” you get wonderful warnings. And in Google Apps you can’t do “less security” at all.
[quote]The following scenarios do not require a security assessment.
Local Data Storage: If you dont want to go through a security assessment, you need to change your server storage to local storage only. Local client applications don’t need to undergo a security assessment because data is run, stored, and processed only on the user’s device (such as a computer, mobile phone, or tablet).[/quote]
edit- I suppose you just said that…