OAuth consent screen - ability to remove application logo

62
votes

I added an application logo by mistake on the OAuth consent screen (URL: https://console.cloud.google.com/apis/credentials/consent), and now it says my consent screen requires verification by Google.

Is there any way to remove the application logo from the consent screen?

Edit: I didn't make it clear before but I wanted to remove the logo to get rid of the verification notice.

9
google-cloud-platformgoogle-apigoogle-oauth
Did you find anything out? I am in the same boatSteven Matthews
This likely is the intended behavior; just await the review.Martin Zeitler
For what it's worth, for me, the easiest solution was to take a deep breath, then create another project with the same information, without adding a logo.Raffi

9 Answers

51
votes

In order to delete the logo, follow these steps:

  • Open the OAuth Consent Screen Configuration in Chrome or a Chromium derivative. https://console.cloud.google.com/apis/credentials/consent
  • Upload any image that differs from the one previously uploaded.
  • Open your Developer Tools (F12 or Ctrl+Shift+I).
  • Open the Network tab.
  • (Optional) Press the Clear button to make it easier to search later.
  • Click the Save button on the website to upload the new logo. (If the Save button is disabled, go through the full "Submit for Verification" process.)
  • In the Network tab, look for a request similar to "123456789987?alt=json&key=...".
  • Click on the entry and ensure that the Request Method is PUT.
  • Right-Click the entry and select "Copy"->"Copy as cURL (bash)".
  • Paste it into a text editor and search for the text "iconUrl":"https://...".
  • Change the text to read like the following: "iconUrl":"".
  • Back on the site, open up a Cloud Console session (The terminal icon in the top menu bar) and paste the modified command, then run it.
  • Verify that logo got removed from consent screen and verification status has changed.

Please keep in mind that this may require you to verify your app again.

Since June 11th of 2020 there's a Feature request open requesting the adition of a remove logo button to make this process easier. Please leave your comment, star the issue and leave a +1 if you are also affected by this issue.

7
votes

As of May 31, 2021 I was able to remove the icon with following steps. Since this is a combination of two answers above with additional steps I put all the steps here for clarity. Credits to @Chris32 and @ropsnou for the initial steps.

  1. Remove all existing API keys and Client IDs from the OAuth Credentials page
  2. Open the OAuth Consent Screen Configuration in Chrome or a Chromium derivative.
  3. Upload any image that differs from the one previously uploaded and click "Save and continue"
  4. In the Network tab, look for a PUT request like this: https://clientauthconfig.clients6.google.com/v1/brands/745625634622/icon?key={key}
  5. Right-Click the request and select "Copy"->"Copy as cURL (bash)".
  6. Paste it into a text editor and do following changes
    • Remove /icon from the url
    • Change request method to DELETE
    • Remove --data-raw parameter and its long value
  7. Open up a Cloud Console session (The terminal icon in the top menu bar) and paste the modified command, then run the command you modified in the previous step. If you get INVALID_ARGUMENT error you probably still have an API key or Client ID associated with the consent screen. If you get {} the command was successful and the logo was removed. However, together with the logo a larger brand entity was also removed, and if you try to modify the consent screen you will get "An error saving your app has occurred."
  8. To recreate the brand run the following command in the console (it assumes you have the correct project active):
gcloud alpha iap oauth-brands create --application_title='<title>' --support_email='<email>'
  1. Now the logo is gone and you can again modify the consent screen
4
votes

For those who were unable to update it using the 'PUT' method (as answered by @Chris32 )and are ready to delete the consent screen and create a new one, can simply replace 'PUT' with 'DELETE' and remove --data-binary section (as delete doesn't take any payload) and can run it using a regular bash shell.

1
votes

[UPDATE] - 2020

Is still possibile to delete your previously uploaded logo through an API call, although it requires a little modification of the answer Abhishek Srivastava suggested.

You need to:

  1. "Copy as cURL (bash)" as for the original answer
  2. Replace the PUT method with DELETE
  3. Do not remove the --data-binary section, instead clean it all up until it looks like this and nothing else: --data-binary '{"brandId":"<your_brand_id>"}'

This will remove your consent screen entirely,

1
votes

The methods above did not work for me, I kept getting INVALID_ARGUMENT. This is because I had client credentials in the project. I had to delete the client credentials and the DELETE request method (without data-binary) worked for me.

1
votes

I have tried all the above solutions, and see that we no longer can send "DELETE" requests, as cURL sends 404 responses.

My solution is that I submitted my app for verification (you don't have to pay unless you request sensitive/restricted scopes, and even then, they will send you an email with a confirmation of pricing etc).

This allows you to use the consent screen as before, without the icon, but without verification. (When you're verified, they will let you use your icon).

Once a representative gets back, let them know you intend your app to be used internally, and you just want them to delete the image.

1
votes

May 2021 - It is still possible to completely delete the consent screen! The following changes are needed compared to the original instructions:

  • remove /icon from the request URI. The updated URI should follow the format https://clientauthconfig.clients6.google.com/v1/brands/{BRAND_ID}?key={KEY}
  • change request method from PUT to DELETE
  • completely remove --data-binary or --data-raw part of the request

This will delete the entire consent screen (not just the icon), so that a new one can be created from scratch.

0
votes

From my research so far, there is no way to remove the application logo from the consent screen.

You don't have to submit the account for verification unless you are asking for a permission mandating a verification.

0
votes

Convert the status of the app from "Published" to "Testing" in your "OAuth consent screen" and see if it works.

I was in a similar situation where I had uploaded a logo and was being asked to submit my app for verification. I did submit my app for verification but with incorrect data for website details etc. The Google reviewer for my project got back mentioning this seems to be a internal/personal use app and to convert my project status to testing instead of published. After doing this I think my logo got deleted automatically from my project. So the moment we upload the logo the project moves from testing to published status and since there is a logo uploaded it has to go through the verification process.

Here is the mail I received from Google with the info links intact.

Please Note: If you define your project as a testing project then you need to provide tester email ids for this project