[Action Advised] Take action to continue using Google's OAuth authorization endpoint
Google Developers
Hello Google Developer,
We're writing to let you know that all OAuth authorization requests coming from embedded webviews will be blocked with a disallowed_useragent error starting February 6, 2023. Affected requests to our authorization endpoint will display a user-facing warning message from now until February 6, 2023.
What do I need to know?
Embedded webview libraries are highly customizable, which can expose your Google's account login and authorization pages to potential "man-in-the-middle" attacks. Google's OAuth 2.0 Use secure browsers policy helps us protect users from these and other types of attacks.
Examples of affected embedded webview libraries include android.webkit.WebView on Android and WKWebView on iOS or macOS.
What do I need to do?
- Review our June 2021 Google Developers blog post, Upcoming security changes to Google's OAuth 2.0 authorization endpoint in embedded webviews, to follow instructions for impacted developers. Note that suppression of the user-facing warning message is not supported.
- If you are able to modify the authorization requests of your app, you may choose to test your application for compatibility with our Use secure browsers policy after making the necessary changes.
Review the potentially impacted client ID(s) used by your projects below:
- Project ID: omegaup-com
For additional information regarding these changes, please read thoughtfully through the Google Developers blog post shared above.
Thanks for choosing Google OAuth.
— The Google OAuth Team
| Was this information helpful? | |
   |
|
© 2022 Google LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043
You have received this mandatory service announcement to update you about important changes to Google services you use.
