即将发生的GCP OAuth同意更改对用户访问我们的应用程序有什么影响?

huangapple go评论55阅读模式
英文:

What is the impact of the upcoming GCP OAuth consent change on user access to our app?

问题

最近我们收到一封邮件,说我们的应用可能会受到GCP即将进行的更改的影响,这可能会导致至少一个用户在过去一个月无法访问我们的应用。

邮件中提到,我们的应用程序正在使用用户的凭据调用GCP API,并建议我们可以通过更新应用程序的OAuth同意来删除其对cloud-platform OAuth范围或任何其他可能依赖的GCP范围的使用,以确保所有用户的访问权限。邮件还提到,我们的应用程序仍然可以通过利用服务账号身份验证流程来使用GCP。

最后,邮件提到这项新的强制措施将于2023年6月30日开始推出。我们想了解所提到的GCP范围是什么以及对此的影响。

有人了解这个通知的信息吗?

我尝试搜索了这方面的公告,但迄今为止没有找到任何信息。我还检查了应用程序验证页面,看起来一切都正常,受限/敏感范围的每个范围都有绿色勾选。

我们预计至少应该有一些关于需要移除哪些范围或如何解决这个问题的公告。

英文:

Recently we received an mail saying that our app may be impacted by an upcoming change in GCP, which would have prevented at least one user from accessing our app in the past month.

It says that our application is using the user's credentials to call GCP APIs, and saying that we can modify our application to preserve access for all users by updating your application’s OAuth consent to remove its use of the cloud-platform OAuth scope or any other GCP scopes you may depend on. It also says that our application may still use GCP by leveraging service account authentication flows.

Finally it says that this new enforcement will begin rolling out June 30, 2023. We would like to know what the mentioned GCP scopes are and the impact on this.

Does anyone know the information about this notification?

I have tried to search the announcement for this, but nothing found so far. I also checked the app verification page and it looks like everything works fine with green check on each of the restricted / sensitive scopes.

We expect that there exists at least some annoucement on what scopes we are using should be removed , or how we can proceed on this issue.

答案1

得分: 3

Google正在应用更严格的政策,以限制云平台的使用。这些政策阻止用户在其对云平台的访问受限制时通过OAuth调用GCP。

我们建议开发人员在调用GCP API时迁移到使用服务账号,以便服务账号发起请求,而不是您应用程序的最终用户。

英文:

Google is applying changes that more tightly enforce policies around cloud-platform usage. These policies prevent users from calling GCP through OAuth when their access to GCP is restricted.

We're recommending that developers migrate to using service accounts when calling GCP APIs so that the service account is initiating the request rather than the end user of your application.

huangapple
  • 本文由 发表于 2023年6月5日 13:30:24
  • 转载请务必保留本文链接:https://go.coder-hub.com/76403690.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定