1

I need to create a development Google OAuth 2.0 Client ID for my app. I see that you cannot have an origin of http in the list of allowed origins. The error states...

Invalid Origin: This app has a publishing status of "In production". URI must use https:// as the scheme.

So it seems I need to create a 'development app' so it can have its own OAuth key. However, I am finding it confusing on how to do this.

In my view I can see my org and what I think is a "Project". I can add another project, but I am thinking there should be a way to add an "App" to my existing project.

I think the hierarchy goes Org -> Projects -> Apps correct?

Where does one add a new App?

John Livermore
  • 30,235
  • 44
  • 126
  • 216

3 Answers3

1

It is true that any app that has been set to production and has been verified can not have a redirect uri that is not https Redirect URI validation rules

enter image description here

You can create a new project on [https://console.cloud.google.com/apis/dashboard] for development.

Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449
1

Google says that for apps in production, redirect URIs must use the https scheme, not plain http. It seems however that localhost IP address URIs are exempt from this rule.

If you just need to create a new OAuth 2.0 Client ID, go to Projects -> /your app/ -> APIs & Services -> Credentials.

Over there, choose Create New Credential, then choose OAuth Client ID (depending on your use case).

Then you will be asked for the id/package-name of your app you want to create a Oauth client id for.

Otherwise you can always create a new project.

OAuthClient

rasulfahad
  • 443
  • 3
  • 13
  • Thanks. And I saw that, but if you create the new OAuth key with an allowed site starting with http://, then you get the same Invalid Origin error stated above. So have to create another App that isn't in Production. Just not sure how to create the App. I see how to create a new Project, and I am not sure if Project = App. – John Livermore Jan 25 '23 at 17:49
1

The way you add an "app" really depends on how that application is implemented. You are correct that organizations have projects, but projects don't really have "apps," they have resources.

In this organizational hierarchy, the idea is that you either add a virtual machine, or a kubernetes cluster, or a cloud function, depending on whether you're using Google Compute Engine, Google Kubernetes Engine, or Cloud Functions, respectively (or anything else).

If you were using Google Compute Engine to implement your web application, for instance, you would add the virtual machine to your project (either via the web interface or the gcloud command-line interface), and then you'd configure a web server to handle incoming requests at whatever address you wanted for the OAuth webhook.

Again though, the main point is that you don't really add "apps", you add resources, so it really depends on how you're going to be implementing your web application. In short, however, you do not need to create another project. That would just bring you back to square one :)

Jose Fernando Lopez Fernandez
  • 1,139
  • 9
  • 18
  • Thank you. You state I don't need to create another project. However, don't I need another project that can be in "testing" mode so I can add a http (vs. https) endpoint to the list of allowed domains? – John Livermore Jan 26 '23 at 14:21
  • Ah, I see what you mean now. The way this is usually done with OAuth clients is that you go to the OAuth UI and simply register another app; you don't need to actually create a different Google Cloud resource or project. However, I should say that the "proper" (and honestly simplest) way to handle this would be to use Certbot to just enable https on your server. Best of luck. – Jose Fernando Lopez Fernandez Jan 26 '23 at 23:02