Open sourcecodes2 opened 1 year ago
It sounds like you're requesting some additional clarification about a 7-day expiry somewhere in (or near) the current 'General > OAuth Consent' section (and maybe in the 'Troubleshooting > invalid_grant' section as well). Does that sound correct?
Yup, that would be ideal, thanks Jason.
Maybe we could have the non-workspace users instructions near the General > OAuth Consent section, and a link in the Troubleshooting > invalid_grant section pointing to it?
That seems cromulent. Unfortunately, I have no more access to that Wiki than you do. And, at the moment, there is no hope. That's it. Thank you.
Sigh.
(Thanks for the video, make me chuckle)
Jason would it be too much troubled to ask if I can join that group with you
there are several other questions that I need some definite edges on and pretty fast. I actually don't remember how I got to this very exact page to ask a question I'm but I'm glad I'm here
One year later, and this is still causing major confusion to me as a new user.
The wiki says currently says:
Important note: If you don't use Google Workspace, Google forces your project to be "External" i.e. Public. The project is in a test mode by default though, so your alternatives are: Add your e-mail address to the test (under the option of "Users"). Publish the project so everyone can use it. You probably would want to avoid that option.
Why would you want to avoid the second option? What does it imply? What are the risks?
This issue suggests it's not unsafe to publish it. Is there any reason we want to avoid it?
Naturally, I followed the instructions/wiki and added myself to the test. And naturally it stopped working one week later.
This issue suggests it's not unsafe to publish it. Is there any reason we want to avoid it?
In production under Setting up your OAuth consent screen states "Projects configured with a publishing status of In production are available to any user with a Google Account", suggesting others could bulk manage your account...
It also states "Your project's configuration may be subject to verification before its name and logo are displayed on an authorization screen or before it may request authorization of sensitive or restricted scopes", meaning it might not even work for you until Google bothers to authorize it, which could take time (days, weeks, months? I don't know).
Naturally, I followed the instructions/wiki and added myself to the test. And naturally it stopped working one week later.
I know Testing under Setting up your OAuth consent screen indeed states "7 days", so how come the actual CFG file GYB creates has token_expiry
that is only 1 hour in the future from the time you generated it?
Please add this important note to the wiki. (I couldn't figure out how to fork the Wiki)
**Important note for GMail (@gmail.com / @googlemail.com) users**: If you don't use Google Workspace, Google forces your project to be "External" i.e. Public. Your project is placed into test mode by default, but **this will cause your tokens to expire after 7 days**, resulting in errors such as "**invalid_grant**". You **must publish your project** (via the OAuth consent screen settings) to prevent tokens from expiring after 7 days. Publishing the Google app does **not** allow public users to access your email.
Thank you!