4
votes

We submitted our video recently as part of the Google Cloud OAuth verification process and it was rejected due to the following reason:

Unfortunately, we found that your YouTube demo video isn't detailed enough. The video doesn't show how your app XXXXXXXXXXXX uses the requested scope in regards to its definition:

https://www.googleapis.com/auth/script.external_request

Connect to an external service

Our "app" is simply a Google Data Studio connector that uses our API to pull data in. In our video, we showed ourselves logging in, requesting an OAuth token, and generating a report with tabular data from our API in GDS using our connector.

I replied back to the rejection e-mail asking for clarification, but got what looked like an automated response:

Dear Developer,

Thank you for your response.

Unfortunately,we cannot proceed further with verification process unless you provide an updated YouTube link with a demo video that showcases the process to log into your project, request OAuth token, and use your project's functionality of the requested scopes so we can experience the user sign-up flow, validate the app services and then proceed with OAuth Verification process.

Thank you for your patience. Please do not hesitate to reach out to us if you have questions or concerns.

What are we missing? How else can we show usage of this external_request scope? Who can I contact to get some clarification here?

1
How is it possible to record a video showing an Oauth scope if this scope is not approved yet by google?Nathan B

1 Answers

1
votes

For deciding which scopes to use for your app, please refer to the OAuth 2.0 Scopes for Google APIs documentation. I also found this stackoverflow link for you that can be helpful.

For any other related question please refer to OAuth API verification FAQs.

please note that approval will not be granted if scope usage on each OAuth client ID is not adequately explained. Additionally, if any of your OAuth clients in the project requesting verification are not ready for testing, we will be unable to complete our review and your request will be rejected. We require that you separate your test and production projects and move OAuth clients still in development into a test project before requesting verification. Your apps will be thoroughly reviewed by our teams. For more detail please refer to this link "OAuth API verification FAQs" again and then see:"How can I make sure the verification process is as streamlined as possible?"