Now I have a "Google Maps API V2" for site use. I would like to change a domain name, but the previous place applying for V2 security keys is no longer available, and it would take some time if I'm to upgrade site to V3.
So would you inform me a new URL where I can apply for V2 security keys, or are there any other solutions?
my domain name: http://www.icar168.cn
thanks very much
They are no longer "required" but you can create/register for one a Google APIs Console.
Just click the link, select your sevice by clicking "on" and then click API access and you will see your key.
Related
I am trying to publish a Google Sheets Add-on. I am working on the Google Workspace Marketplace SDK configuration. The configuration automatically includes the following 2 scopes as defaults:
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile
The Add-on has no reason to access the user's email or profile. Why are these added? Can I delete them? The only scopes that the script code should need are:
https://www.googleapis.com/auth/script.container.ui
https://www.googleapis.com/auth/spreadsheets.currentonly
When I go to create the OAuth Consent Screen. I am told that I need to create "A Youtube video showing how you plan to use the Google user data that you get from scopes". Am I being asked to do this because of these default scopes that are included?
EDIT: I deleted these 2 scopes and did a SAVE. It confirmed that the edits were saved. But when I refreshed the page, the scopes were back!
The reason why the Trust and Safety team is asking you for the video is because this:
1-Most of the apps that will be public, require certain steps. So the video is one of those.
2-Now, the main reason for the video, is because the scope https://www.googleapis.com/auth/script.container.ui is part of the restricted scopes. And according to the documentation it needs to go through the verification.
So basically the reason for the video is because you have a restricted scope because this scope allows you to display and run third-party web content in prompts and sidebars inside Google applications. Therefore, it is important for the verification process.
Now in regards to your concern of the default scopes, I was able to remove them and create OAuth consent screen without them.
I’m developing a chrome extension and would like to make it a paid extension with a free trial. I uploaded my item onto the Developer dashboard and saved it as a draft, not submitting it yet. But on my Developer dashboard I don’t see an option to set the type of payment (free trial) or to set a price. Under Pricing & Distribution it says ‘Pricing and payment information can only be added in the old dashboard’ but there’s no option there either. My goal is to set a price and check if a user has paid when the trial has expired.
Steps I have taken:
I have paid $5 in Google payments center and under Account in my
Developer dashboard it says fee has been paid
I added at the long key in my manifest.json, taken from the .pem I
created by packing the extension (not using the crx in any way,
just to get a key). I can upload a new item without any errors so
the key seems to be working.
On Google Cloud Platform I created a project with the exact same name
and enabled the Chrome Web Store API. I generated a OAuth 2.0
Client id - using my app name and 32 digit id generated by the
developer dashboard - which I’ve added in my manifest.json
My manifest key and oauth2 now looks like:
"key": "MIIBIjANB…...",
"oauth2": {
"client_id": "19…...apps.googleusercontent.com",
"scopes": [
"https://www.googleapis.com/auth/chromewebstore.readonly"
]
}
I added this in my background.ts:
chrome.identity.getAuthToken({ 'interactive': true }, (token) => {
console.log('token: ', token);
});
It already seems to be working showing me a Google window prompting to ‘Choose an account to continue to ’ and that my extension ‘wants to access your Google Account’ and can ‘View your Chrome Web Store apps and extensions’, and returning a token.
My questions are:
Why don’t I see an option to select Free trial and set a price?
In Google payments center I have two id’s, should my id here be the same as the first 12 digits of my client id by any chance (cos it isn’t)?
Do I need to go through the process of creating an OAuth consent screen? In my project in Google Cloud Platform I now have that client id but it also says ‘To protect you and your users, your consent screen and application need to be verified by Google’ and creating the screen it requires ‘Authorized domains’, ‘Application Homepage link’ and ‘Application Privacy Policy link’. Is this really necessary for an extension, which doesn’t have a homepage?
Turns out this feature has been disabled due to Covid-19.
"Chrome Web Store payments - We are disabling the ability to create new paid items or add payments to existing items. This includes extensions, themes, apps, and in-app purchases."
https://groups.google.com/a/chromium.org/g/chromium-extensions/c/r5EKL-McE3A/m/epeWeh-wAQAJ
My problem is similar to this one. But I need to make one step further.
I whant to publish my website webview on google play. Google Play have rejected my submission but after I send them a email they respond and said that they will allow app publication if I send them pdf with distribution agreement, authorization contract, website domain information or something like that prooving my website ownership. My website hosted on azure. I have domain name like xxxxx.azurewebsites.net. Please help me to understand how can I make pdf document that prooves my website owership.
Will be very greatfull for help!
First, about how to verify your Azure Website ownership, you can refer to these Google documents as below.
Handling Android App Links
Secure and specific: Android App Links use HTTP URLs that link to a website domain you own, so no other app can use your links. One of the requirements for Android App Links is that you verify ownership of your domain through one of our website association methods.
and
Add verification for your deep links: Configure your app to request verification of app links. Then, publish a Digital Asset Links JSON file on your websites to verify ownership through Google Search Console. Learn more in Verify App Links.
Verify Android App Links
To verify ownership of both your app and your website, the following steps are required:
Request automatic app link verification in your manifest. This signals to the Android system that it should verify your app belongs to the URL domain used in your intent filters.
Declare the relationship between your website and your intent filters by hosting a Digital Asset Links JSON file at the following location:
https://domain.name/.well-known/assetlinks.json
The section Verify your website of App Indexing on Google Search in Play Console Help introduces the steps
Sign in to your Play Console.
Click All Applications All applications.
Select the application you'd like to verify.
On the left menu, click Development tools > Services & APIs.
Under "App Indexing from Google Search," click Verify website.
Type your website address.
Click Verify.
Go to Google Search Console.
On the left menu, click All Messages.
Open the verification request message (example: "Google Play: Link http://www.yourwebsite.com to android-app://example.com.yourpackage.name").
Click Approve the request.
Review the information and click Approve. Once approved, your app will appear on the
Search Console Home Page for your account. Be sure that your app enables deep links.
If you have a Google Search Console account or not, here is two links of Verify your site ownership of Search Console Help for old and new Search Console will be helpful.
Tip: Only Google Search Console users with "Owner" permissions can view and approve site verification requests. If you don't see your site verification request, make sure you're signed in using an account with "Owner" permissions.
Second, the xxxx.azurewebsits.net is just a subdomain of azurewebsites.net which be registed by Azure and you can lookup the related info via https://www.whois.net/ as the figure below, so it's not belong to you.
Therefore, you need to register a domain name like abc.com in the Domain Name Registrar like GoDaddy or others, and add a CNAME record with it into DNS server like Azure DNS, then to follow the above steps required by Google to verify your website ownership and collect the necessary information to make a PDF document to send to Google.
I'm working with actions on google and dialogflow, and recently they proposed google signin to make account linking fast without writing own oauth server.
Today I implemented their google signin in my dialogflow app it is working quite fine but unfortunately I am unable to delete that account to check all development aspects, I tried my other google accounts and my friends account but soon ended up out of accounts
Un other methods when i enable and disable testing it forget about linking but in google signin it is tightly stick with the account, and i have tried almost everything i can try like restarting my phone and clearing cache of chrome browser but it looks like it is saving account somewhere in cloud.
What i need to do is, when i sign in first time it ask for name permission, i need that screen again and again for testing something
Google calls this Removing a Website or App that has access to your account. It is done using the myaccount.google.com console.
If you want to do this using Android, the easiest way is to:
Open your device's Settings app Settings app and then Google and then Google Account.
At the top, tap Security.
Under "Signing in to other sites," tap Signing in with Google.
Tap the name of your project.
Choose Remove access.
Through the web, you can go to Apps With Access to your Accounts:
Scroll down to the "Signing in with Google" section
Locate your project.
Select it, and choose "Remove access"
The name that is shown should be the name you've given to your project as part of the OAuth screen. If you haven't set that up (and if you're just playing around, you probably haven't), it will use the Project ID for your project. You can find this on the Cloud Console home screen attached to the same project name that you used in Dialogflow and the Action Console.
While you're in there, you will probably want to configure the OAuth screen to have a name for the app as it will be visible to users on the OAuth screen. From the menu, select "APIs & Services" and then "Credentials"
Select the "OAuth consent screen" tab, and fill in the "Application name".
This name should then be in the list of applications you have installed, and can remove.
Is it okay to put your Google Maps API Key into your source code and publish it?
Others could take it and misuse it, but I don't want every developer / user to get their own API key and type it in somewhere. If the owner of the key is responsible, should I create a new google account for the project? (The project is a desktop application in Objective-C and a small developer tool.)
What would be the best way to make this convenient?
I don't think it's legal, but even it were, it's technically impossible, because the Google Maps API Key is tied to your domain name. Google will check the referrer of the HTTP request to validate the key.
The key isn't secret anyway: simply viewing the source of a website using Google Maps reveals the API key.