OiO.lk Community platform!

Oio.lk is an excellent forum for developers, providing a wide range of resources, discussions, and support for those in the developer community. Join oio.lk today to connect with like-minded professionals, share insights, and stay updated on the latest trends and technologies in the development field.
  You need to log in or register to access the solved answers to this problem.
  • You have reached the maximum number of guest views allowed
  • Please register below to remove this limitation

Google Workspace SDK Review problems with scopes

  • Thread starter Thread starter John Hill
  • Start date Start date
J

John Hill

Guest
I am attempting to publish an external Sheets Editor Add-on in Google Workspace Marketplace. The app is developed in Apps Script and uses the scopes below shown further below.

The Workspace Oauth consent team has verified the scopes and put the app in the "production" state in the SDK.

At the next hurdle, the Google Workspace Marketplace Review Team keeps experiencing an unverified scope consent screen directing advanced users to proceed with an 'unsafe' app. I cannot reproduce this additional consent in our test accounts. See the Review team's screenshots here https://photos.app.goo.gl/tTVk4NrxonyFv8iGA . The consent screen askes the user to agree to allowing the app to "See, edit, create and delete ALL your Google Sheets spreadsheets" which is not the case for the scopes I use.

The actual scope in the configuration and the manifest file that has been verified is:

https://www.googleapis.com/auth/spreadsheets.currentonly

which is the narrow version of the scope that restricts it to the current sheet only.

The other scope vefified is https://www.googleapis.com/auth/script.container.ui.

Below is the manifest lines.

Code:
  "oauthScopes": [
    "https://www.googleapis.com/auth/spreadsheets.currentonly",
    "https://www.googleapis.com/auth/script.container.ui"
  ],

If someone can point me in the right direction to solve this issue between the scope verification team and the review team that would be very helpful. They don't talk to each other.

Thank you in advance,

John

My expectations are that the scopes verified are the scope consents being reviewed by the Review team. I have not added or removed any scopes from the SDK or in the manifest.

If this has been answered elsewhere, please post the link.
<p>I am attempting to publish an external Sheets Editor Add-on in Google Workspace Marketplace. The app is developed in Apps Script and uses the scopes below shown further below.</p>
<p>The Workspace Oauth consent team has verified the scopes and put the app in the "production" state in the SDK.</p>
<p>At the next hurdle, the Google Workspace Marketplace Review Team keeps experiencing an unverified scope consent screen directing advanced users to proceed with an 'unsafe' app. I cannot reproduce this additional consent in our test accounts. See the Review team's screenshots here <a href="https://photos.app.goo.gl/tTVk4NrxonyFv8iGA" rel="nofollow noreferrer">https://photos.app.goo.gl/tTVk4NrxonyFv8iGA</a> . The consent screen askes the user to agree to allowing the app to "See, edit, create and delete ALL your Google Sheets spreadsheets" which is not the case for the scopes I use.</p>
<p>The actual scope in the configuration and the manifest file that has been verified is:</p>
<p><a href="https://www.googleapis.com/auth/spreadsheets.currentonly" rel="nofollow noreferrer">https://www.googleapis.com/auth/spreadsheets.currentonly</a></p>
<p>which is the narrow version of the scope that restricts it to the current sheet only.</p>
<p>The other scope vefified is <a href="https://www.googleapis.com/auth/script.container.ui" rel="nofollow noreferrer">https://www.googleapis.com/auth/script.container.ui</a>.</p>
<p>Below is the manifest lines.</p>
<pre><code> "oauthScopes": [
"https://www.googleapis.com/auth/spreadsheets.currentonly",
"https://www.googleapis.com/auth/script.container.ui"
],
</code></pre>
<p>If someone can point me in the right direction to solve this issue between the scope verification team and the review team that would be very helpful. They don't talk to each other.</p>
<p>Thank you in advance,</p>
<p>John</p>
<p>My expectations are that the scopes verified are the scope consents being reviewed by the Review team. I have not added or removed any scopes from the SDK or in the manifest.</p>
<p>If this has been answered elsewhere, please post the link.</p>
Continue reading...
 

Latest posts

Top