When and What are the verification required to publish Google Workspace add-ons ?

-

Google Workspace (G Suite) addon Verification

When and What are the verifications required to publish your Google Workspace add-ons ?


To publish a Google Workspace add-on, verification is required to ensure that the add-on meets Google's policies and guidelines for add-on development and usage. Once the application is verified, it will be able to access the requested scopes for users who grant permission. 

Google requires verification for accessing user data via OAuth when certain sensitive or restricted scopes are requested by the OAuth client application. These scopes include:

  1. Gmail scopes (access to a user's inbox, drafts, sent items, etc.)
  2. Google Drive scopes (access to a user's files and folders)
  3. Google Calendar scopes (access to a user's calendar events)
It is important to note that the verification process may differ depending on the type of add-on being developed (e.g. Gmail add-on, Calendar add-on, etc.) and that Google may revoke verification if the add-on violates its policies or user trust. Therefore, it is important to follow best practices for add-on development and usage.

Your app might need to go through verification if:

  1. You want your application to display an icon or display name instead of the redirect URL domain on the OAuth consent screen.
  2. The number of authorized domains for your apps exceeds the domain count limit for a project.
  3. There are changes to the OAuth consent screen after your app has been approved.

The verification process involves several steps, including:

  1. Creating a Google Cloud Platform project: This involves creating a project in the Google Cloud Console, enabling the necessary APIs, and configuring OAuth consent screens.
  2. Meeting the technical requirements: The add-on must meet the technical requirements specified in the Google Workspace Add-ons documentation, including using the correct manifest structure, implementing the required APIs, and adhering to security best practices.
  3. Providing a privacy policy: The add-on must have a privacy policy that describes how user data is collected, used, and shared. This privacy policy must be accessible from the add-on's listing in the G Suite Marketplace.
  4. Submitting the add-on for review: Once the above requirements are met, the add-on can be submitted for review. The review process typically takes a few days and involves a review of the add-on's functionality, security, and compliance with Google's policies and guidelines.


It is important to note that Google may revoke verification if the application violates its policies or user trust, so it is important to follow best practices for OAuth client development and use.





powered by Easy ADM







Popular posts from this blog

How to execute Gmail API request using Service Account - C# .NET 6

-
Image
Where and How to Use Service Account? A service account is a special kind of account used by an application, rather than a person. You can use a service account to access data or perform actions by the robot account itself, or to access data on behalf of Google Workspace or Cloud Identity users. In this post, I will review how to execute Gmail API requests using Service Account see the full sample code on  GitHub Prerequisites A Google Cloud Platform project With the Admin SDK API enabled service account with domain-wide delegation. A Google Workspace domain. With an active account and granted administrator privileges. Visual Studio 2013 or later Step 1: Set up the Google Cloud Platform project Create a Google Cloud project A Google Cloud project is required to use Google Workspace APIs and build Google Workspace add-ons or apps. If you don't already have a Google Cloud project, refer to: How to Create a Google Cloud project Enable Google Workspace APIs Before using Google APIs, yo
Read more

Directly access to users emails - Google Workspace

-
Image
Google Workspace Administrator can not directly access users emails However, using certified 3rd party Google Workspace Marketplace App, Administrator has more options now look at any users/employees' emails without knowing their password. By default, Google Workspace Administrators can not directly access users' emails. Google providing Google Workspace administrators limited capabilities to monitor and audit users' emails. An Administrator may use Google Vault, Content Compliance rules, Audit API, or Email delegation to view and audit users' emails.   👍 Trace an email with its full body & headers and download any attachments. See where the Gmail message came from by looking at its full headers, including how it got from the sender to the recipient’s mail servers. Prevent fraud and crime and save billions of dollars and more. @install from Google Workspace Marketplace powered by Easy ADM
Read more