Blog Article

Dealing with the Chrome Store publishing process

Published: October 7, 2019

My goal is to be transparent about the processes of publishing my apps. I am in the process of publishing another app, you will see some crumbs populate this site as I need to have some assets for required bits in the publishing process.

When it is fully ready I will share more about what it does, so realize it is not a finished documentation process yet :)

Oauth verification

I am making a Chrome Extension that requires a Google Oauth (this is the Google Sign-in button for apps). In order to allow developers to use sensitive or restricted Google APIs, they need to go through an Oauth verification and in some cases a 3rd party security review.

Publishing an Add-on to the GSuite Marketplace also requires the Oauth Verification, so I have been through the process 3 times already (FormCreator, FormRecycler, and SlidesTranslator).

Where do you start?

In the Google Cloud Project associated with your app. You can get there from your Add-on if you are coding in Google Apps Script or directly at []

(You will also need to enable the APIs you want to use and create some credentials to use as a developer, but that will be a different post)

The Oauth Consent Screen is an option in the left sidebar. Fill in the details and add the scope you want to have the users have access to.

You will need to have detailed information on your authorized domain website (I don't remember specifically what I had to do to get it authorized in the first place...maybe nothing?) that shows what the permissions are that are needed and specifically what you will use them for. Not only is that a helpful thing for users, but overall better for data security and transparency.

You also will need to describe what you will be using the permissions for in your app in the Verification form.

Until you have the Oauth Verification you will be limited to the number of users that can install and use your app. There is a maximum of 100 users until the Oauth is verified. Additionally, those users will need to bypass a really scary warning in the authorization window.

In my experience the verification team gets back to you within a day or two and generally will need some more information. Sometimes a video screencast showing the verification is needed.

Currently, I am on the stage where they contacted me to get more info, and you can see the information I have publicly given them for my Slides Pro app here. I will keep you posted!

Blog picture Oauth Verification Form

Blog picture Unverified app warning before Oauth Verification

Blog picture Email notification from Oauth Verification Team