谷歌OAuth登录页面后的外部应用程序同意屏幕

huangapple go评论58阅读模式
英文:

Google OAuth consent screen for external application behind login page

问题

我正在尝试验证我的应用程序以供外部使用。我收到了一封来自Google的电子邮件,内容完全没有意义。

看起来提交的主页URL:http://myappname.azurewebsites.net/manage 是一个登录和/或注册页面,限制了公众访问您应用程序的信息和意图。

为了使用我的应用程序的Google功能,用户必须首先使用他们的应用程序凭据登录我的应用程序。一旦他们登录,他们可以通过点击一个按钮设置Google功能,该按钮将引导他们完成Google OAuth流程。最终结果是我们获得了一个代表他们使用的令牌。我们明确告诉他们我们正在请求哪些权限,甚至向他们展示如何随时取消访问权限。我们还在隐私政策中指明我们正在请求的权限以及如何使用他们的数据。

鉴于我们不使用Google进行登录,那么如果所谓的主页位于登录屏幕后面,并且该应用程序供外部用户使用,那么我们应该如何实现此功能呢?

英文:

I'm trying to verify my app for external use. I'm getting an email from Google which makes absolutely no sense.

It appears that the submitted Homepage URL: http://myappname.azurewebsites.net/manage is a Log-in and/or Sign-in page, which restricts public access to your app's information and intent.

In order to use the Google features of my application, a user must first login to my app using their application credentials. Once they are logged in, they can setup the Google feature by clicking on a button that walks them through the Google OAuth process. The end result is that we obtain a token to use on their behalf. We tell them exactly what permissions we are asking for and even show them how to revoke access whenever they want to. We also specify in our Privacy Policy what permissions we are requesting and how their data will be used.

Seeing as we are not using Google for sign-in, then how are we supposed to implement this feature if the so-called home page is behind a login screen and the app is for external users???

答案1

得分: 2

Application homepage URL. 应用程序主页网址。The location of a homepage describing your app. 描述您的应用程序的主页位置。This location must hosted on an authorized domain. 此位置必须托管在授权域上。

This is not the login page. 这不是登录页面。

英文:

>Application homepage URL. The location of a homepage describing your app. This location must hosted on an authorized domain.

This is not the login page.

答案2

得分: 0

我将以下内容翻译为中文:

"我将营销网站用作整个平台/解决方案的主页。在主页上,我列出了Google功能(如何使用)并包括了一张屏幕截图。就在下面,我添加了以下文字:“*(应用程序)使用和转移从Google API收到的信息到任何其他应用程序都将遵守Google API服务用户数据政策,包括有限使用要求。” 最后,我确保隐私政策(包括有关请求的权限和数据使用方式的Google要求)以及条款和条件与页面链接。"

英文:

I used the marketing website for my entire platform/solution as the homepage. On the main page, I list the Google feature (how it's used) and include a screen shot. Just below that I added these words. "(App's) use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements." Finally, I made sure that the privacy policy (with Google requirements regarding permissions requested and how data is used) along with the terms and conditions were linked on the page.

huangapple
  • 本文由 发表于 2023年5月17日 23:25:13
  • 转载请务必保留本文链接:https://go.coder-hub.com/76273734.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定