In which cases user.verificationStatus can be verified/unverified? - google-assistant-sdk

I have created a project in Google Action with account linking enabled,
and it is working fine on the test simulator and on an Android device.
But it is not working well with Google Nest Mini when I am trying to link my account to the project. That is because user.verificationStatus != VERIFIED there, although the same account was used on Android, where it was working.
In easier terms:
When testing with an Android device: user.verificationStatus == VERIFIED (with Google account example@gmail.com). It means the account is verified.
When testing with Google Nest Mini: user.verificationStatus != VERIFIED (with Google account example@gmail.com). It means the account is not verified.
How can the same account have two verification statuses?
Can anyone tell me in which circumstances user.verificationStatus is verified or unverified?
Any information regarding user.verificationStatus would be good.

The verification status is a signal that the developer can use as a signal before using any API for specific users like user storage. As the documentation mentions, there are several possible reasons the end-user may be seen as a GUEST:
If the user has turned off Personal Results for Assistant
If they have Web & App Activity turned off
If Voice Match on the device did not match
The user isn't signed in on the device
VERIFIED means that the current session is connected to an identified Google account based on signals from the user account and the device. It isn't tied to your account alone.
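
A per-request gate on the status fields discussed in the answer above, as an added example that is not part of the original answer. The field names and values follow the Conversational Actions webhook request JSON; the action labels, the `decideUserFlow` helper and the sample requests are hypothetical and constructed for illustration.

```javascript
'use strict';
// Added example, not code from the original answer. Request field names follow
// the Conversational Actions webhook JSON; action labels are hypothetical.

function decision(action, storage, linking, linkedData) {
  return { action, mayUseUserStorage: storage,
           mayStartAccountLinking: linking, mayUseLinkedAccount: linkedData };
}

// Evaluate on every request: the status describes this session on this
// device, so the same Google account can be VERIFIED on a phone and GUEST
// on a shared speaker (Voice Match miss, Personal Results off, and so on).
function decideUserFlow(webhookRequest) {
  const user = (webhookRequest && webhookRequest.user) || {};
  // Fail closed: anything other than the literal VERIFIED is a guest,
  // including a missing field or VERIFICATION_STATUS_UNSPECIFIED.
  if (user.verificationStatus !== 'VERIFIED') {
    return decision('GUEST_SESSION', false, false, false);
  }
  // Verified speaker, but no linked account yet: linking can be offered.
  if (user.accountLinkingStatus !== 'LINKED') {
    return decision('OFFER_ACCOUNT_LINKING', true, true, false);
  }
  // Verified and linked: personalised data may be served.
  return decision('PERSONALIZED', true, false, true);
}

// Constructed sample requests, trimmed to the fields used here.
const SAMPLE_REQUESTS = {
  phone: { user: { verificationStatus: 'VERIFIED', accountLinkingStatus: 'LINKED' } },
  phoneNotLinked: { user: { verificationStatus: 'VERIFIED', accountLinkingStatus: 'NOT_LINKED' } },
  speakerNoVoiceMatch: { user: { verificationStatus: 'GUEST', accountLinkingStatus: 'NOT_LINKED' } },
  malformed: {},
};

for (const [name, req] of Object.entries(SAMPLE_REQUESTS)) {
  console.log(name, JSON.stringify(decideUserFlow(req)));
}
```

Because the guest branch never touches user storage or linked-account data, a household member whose voice is not matched on a shared speaker gets a generic session instead of the owner's data.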

Related

Google Assistant Account Linking via OAuth does not transfer from Speaker to Phone

I am working on an Action on Google for one of our customers.
We are currently trying to transition from pure Google SignIn to Google SignIn + OAuth (Auth Code - docs).
For that we use the OAuth implementation of said customer, which works fine.
When testing on the phone or the Google Assistant App, there is a pop-up that allows linking the action to the Auth provider. This works as intended.
However, when testing on the speaker (Google Home + Google Home mini), the documentation says that it should trigger a transfer to the phone via a notification on the device.
This does not happen unfortunately - we do not get any activity on our device.
We already asked the (AoG) support for help or known issues, but they could not help us with this and asked us to post our question over here.
More Information:
both devices are logged in with the same Google Account
Google Assistant App + Google Home App is installed
tested with Google Workspace account + with @gmail account
tested on iOS (14.5.1 - iPhone 11)
Notifications for Google Assistant are turned on
Web & App Activity is turned on (activity)
"include Chrome History" is also checked
Did any of you encounter a similar problem in the past?
If so, were you able to solve it?
Would be happy to hear from you.
Thanks in advance!

How can I provide unconditional access to a Google Account?

As per Apple's App Store review guidelines, if the app I'm making requires sign-in, then I must provide Apple testers with credentials.
My app exclusively uses Google Accounts, and since I am working for an organization, I am required to only allow accounts that are registered in the database as "students". Keep in mind when I say organization, I mean one that is exempt from using "Sign in with Apple".
I created a dummy Google Account to allow sign-in, and provided credentials to Apple. However, they got prompted to enter in a phone number, since their device was not recognized. What can I provide them with so that they will have unconditional access to my account, whether they are on a legitimate device, or a simulator behind a hundred proxies?
2FA is not enabled, nor are any recovery methods specified, so to be fully transparent I am not really sure which phone number Google seems to want. Here is the prompt Apple has got.
I have already enabled the "less secure access" feature in the Google Account dashboard, but seeing as the Apple review process can be quite lengthy, I want to make sure I got this right before submitting.

Apple or Google have USB keys that can be used for MFA

I am creating a Google account and an Apple ID with a group work account. During registration, it asks me to enter a mobile number to be linked to that account, where they can send a verification code. This account will be used by a group of people, and I don't want to put just a personal mobile number, and I don't want to buy a new mobile number as it won't be used by anyone and it will expire sooner or later. Is there any other option? I am not sure if Apple or Google have USB keys that can be used for MFA instead of a mobile number?
I don't know about iOS. But Google offers a variety of means, including printed backup codes. They are described here. Yubico also offers hardware keys that can be used.

google signin force password prompt

Google deprecated the use of embedded webviews for authentication with Google Signin in devices like iOS and Android.
Android supports Kiosk mode. The concept of having numerous users share a single android device is not foreign. iOS is also frequently used in a "shared device" model.
However, the current implementation of Google Signin for iOS uses SFSafariViewController, which in turn uses system wide shared cookies. And this is where Google now stores all Google Signin information. An App can have no control whatsoever over this. Apple has stated this firmly.
So in Kiosk mode, if an app were to use Google SignIn, there is no "signout", not really. Each account used will use the same device-wide browser cache for tokens... and any other user can then log in as that user, within the token expiry period, without a password. Google will NOT prompt for passwords the 2nd time unless the user has explicitly signed out of their Google account in Safari... which is not something the app can manage or control.
So the question is:
How can a developer ensure that when a user signs out of the app they signed in with using Google Signin they will be prompted for a password the next time they sign in?
(research suggests that apparently... they can't, but Google also closed down the forum for comments on this lovely stack, claiming they would rather scan Stackoverflow than interact with the foolish gamblers that opt to use their APIs - leaving us to shift our focus to supporting AzureAD instead, which unlike Google, does not seem to take such pride in making needless work for developers)
Google Signin is now a mess. No choice but to toss it.
I hope someone proves me wrong with a clever answer as I would happily reverse my position :)
In this brave new world of continuous improvement... Everything is broken.

Uploading to own YouTube account from iOS app

The app should be uploading videos from iOS devices directly to our own YouTube account (not user's account).
In every scenario I came across you need an Access Token that you can get only from user logging in through OAuth2 (window popping up). Obviously, we can't give everyone username and password from company account. I was imagining using some key that uniquely identifies the app and YouTube user account to use.
Any solution / pointer? Thanks.
I ended up using the deprecated Client Login. We still need to figure out where to store passwords (either in the client app, or fetch them from the backend every time), but that's already huge progress.
Unfortunately, Google says Client Login will be removed in 2015. We can just hope they'll come up with non-interactive auth method requiring no user interaction by then.
