The past few hours i keep getting the following message
Please update your privacy policy for MY_APP_NAME to avoid enforcement action. The URL may be missing or returning an error.
Also, be sure your privacy policy displays on your website or app. For more info, refer to >Platform Policy II.3 and this external resource: http://www.applicationprivacy.org/platform-requirements/facebook/.
on the guide lines of the submission i get this ..
These apps are not currently eligible for App Center:
A Page Tab app
A Desktop web game off of Facebook.com
so why i am eligible for privacy update afterall?? and still i have entered all required info in the app details tab and still get an error of invalid submission
Before you can submit your app detail page you must first comply with App Center >Guidelines. Please make sure you have specified how your app integrates with Facebook and >have met all the requirements. Click here to update your integration.
i could really use some help instead some negative feedback..as i ve seen in similar questions
and last but not least, i ve not spotted any broken url.. :S
Related
I have created a flutter application in both iOS and Android that uses OAuth2. In order to authenticate the the app. While I can sign in successfully on iOS, Android provides error the following error:
E/flutter ( 6309): [ERROR:flutter/lib/ui/ui_dart_state.cc(157)] Unhandled Exception: PlatformException(sign_in_failed, com.google.android.gms.common.api.ApiException: 10: , null)
This is almost certainly because of a configuration issue in my OAuth verification request. Their rejection (see below) describes a homepage they require:
Dear Developer,
Thank you for submitting an OAuth App Verification request.
Unfortunately, we cannot proceed further with the verification process
until the requested things are provided.
As we discussed in our previous communication, to proceed with the
verification process for your project what-happend-here you will need
to provide a homepage that accurately represents your app’s identity
to Google users.
Every OAuth2 project requires a homepage. To ensure users’
understanding of your app’s purpose, your homepage should:
Be a verified domain under your ownership
Be accurate, inclusive, and easily accessible to all users
Link to an externally accessible domain that describes the necessary content, context, or connection to the app you are submitting
Explain with transparency the purpose for which your application requests user data
etc.
However, despite the description, I've no feel of what it should be like. Is there an example of such a page that I can use as a model?
Thanks for any help.
I've been back and forth with google over this issue. I can't give a simple answer, but I can summarize the items I've changed in order to meet compliance.
For context, I'm just using oauth on my personal webpage to identify users. I'm not selling an app. I'm not using restricted scopes. I'm not touching any user data.
This should be the simplest case, yet it was difficult to get approval. Each rejection reply is in the style of a form letter. I conclude that an AI has be trained against a set of compliant pages, and it "feels" mine isn't compliant, i.e. it's not able to point to a specific violation like a human or a rule's based system would. For this reason, I advise against spending time in your email replies. It doesn't seem that anyone reads them, just change your content and reply to get the AI to look again.
In the google console you must provide:
a homepage url
a privacy policy url
an uploaded icon image file
If you're using oauth for a website, don't confuse the oauth console "homepage url" with the base url of your website. Google wants a "homepage" that says "what your app is".
The content served at the homepage must have a [link rel="shortcut icon"] whose href points to the identical bytes of the icon you uploaded in the oauth console. If the bytes differ because you're using a scaled or differently styled image, you'll be rejected.
The content served at the homepage must have a privacy policy link where the href is identical to the characters entered at the console. If they're the same page, but differ by an anchor for example, you'll be rejected.
Also watch for caching. I changed the contents of my [link rel="shortcut icon"/] and got a reply that seemed to accept the icon but complain about another issue. Then when I fixed the other issue they rejected me for the icon again. I think since I changed the uploaded icon but didn't change it's name that they later saw a cached icon. I changed just the url (thus invalidating their cache) and the next reply didn't complain about the icon.
If you're not using restricted scopes you shouldn't need the limited use disclosure, but I got a complaint about that so I added it.
Here's what I'm using for both the homepage and the privacy policy:
https://holtstrom.com/michael/about/
Here's how that looked at the time of this posting when it was finally approved.
You'll see that I have all of the google requirements rendered in underline followed by the text that satisfies the requirement.
In case it helps, here's the replies I received from Google:
Google OAuth Consent Screen Verification:
#Michael Holtstrom's answer works perfectly, And I got my app approved in just the 2nd attempt.
But, since there is no information available anywhere on internet regarding this, that's why
I am posting my answer with all the screenshots, only to support #Michael Holtstrom's answer, so that you can move ahead with more confidence.
Because, I was really worried for 3-4 days whether my app will get approved or not. Because this was the last part left in my project.
I was also using Google OAuth only to get email, name and profile picture.
My app could have got approved in the first attempt only, but the first time I submited homepage had text selection disabled(Because I built it using Flutter Web, on which text selection is disbaled by default).
So, I think the Google's AI was unable to read the text on homepage, and thus asked me to update the homepage.
Next time, I built using wordpress, and then my app got approved.
(And by the way, I'm using chrome extension dark reader, that's why all the screenshot has dark mode enabled.)
Youtube Video Url:
https://youtu.be/lzq9WjCXT6c
Consent screen form on GCP Console
Google OAuth Homepage
https://www.madhavkumar.in/about/
Privacy Policy
https://www.madhavkumar.in/privacy-policy/
Email thread with Google Trust Team
My company's Facebook app has been in operation for a few years, but with the recent API upgrade, Facebook now requires apps to be submitted for approval if you need certain permissions.
This app adds a page tab, which requires the manage_pages permission. Facebook has rejected the app several times, providing the following reason:
We could not reproduce the requested permission. Please submit
detailed, step-by-step English instructions in the "Add Notes" section
of the permission, and make sure to provide the relevant version of
your app.
Things I've done:
provided step-by-step instructions, with supporting screenshots for each step
had multiple people test those steps to ensure the login process and page tab work as expected
read through all of the supporting documentation and submission articles
Unfortunately, Facebook provides no option to contact their reviewers.
Has anyone else hit a wall when submitting a Facebook app for approval? And if so, were you able to figure out the issue or contact the reviewer?
That's unfortunate... I think there have been such cases. If you think everything is correct with your review submission, I'd recommend that you post a message to https://www.facebook.com/groups/fbdevelopers/ There are FB engineers monitoring the group, I guess they could give you some help or contact the right persons.
Good luck!
I try to get my Facebook app live, but when I switch the button to live, there's an error occurred.
You must provide a valid Privacy Policy URL in order take your app
Live. Go to App Details and make sure it is valid.
I already put the valid Privacy Policy and Terms of Service URL. But it is still not working.
I've already searched the topic here about the same problem, it is said that it is a bug, but it's from November last year, is it still a bug or there is a solution of this problem now?
We've received the following warning:
Please update your privacy policy for Brewtoad to avoid enforcement action. The URL may be missing or returning an error.
Also, be sure your privacy policy displays on your website or app. For more info, refer to Platform Policy II.3 and this external resource: http://www.applicationprivacy.org/platform-requirements/facebook/.
When we click to update the privacy policy, we're directed to this page where we're being forced to create an App Center page. We don't want that. We only use the Facebook app for users to login with Facebook.
When we go to edit our app normally, there isn't an option to "submit a privacy policy."
This message is an alert that won't go away because we've "read" it.
Previous questions about this issue have answers insinuating that all you have to do is add the privacy policy url and that the message can be marked as read and the alert will go away
Neither of those things appears to be true. Instead, it looks as though facebook is trying to muscle us into some kind of integration with App Center that we don't want to implement.
You don't have to publish your app to App Center - just add privacy policy to https://developers.facebook.com/apps/APP_ID/appdetails and all will be fine, trust me.
You must provide a privacy policy in the required field on the app options page:
Head to https://developers.facebook.com/apps
Select your app
Click 'Edit app'
Click on 'App details' on the left
Fill the 'Privacy policy' url field with your privacy policy
If you don't have a privacy policy and need to generate one, I'm the founder of a service that does just that, and has a specific Facebook integration: www.iubenda.com/en/facebook
I recieved two emails from facebook to put privacy policy link but I couldn't do it in time. I had over 8000 active users and now none can connect onto my forum. I guess they terminated the app? I did add the link onto my app but still it isn't working. I have looked around to see If anyone else went through the same. How do I contact Facebook and get this resolved.
I guess they terminated the app?
Check your app dashboard – usually, as a first measure, your app gets put into sandbox mode.
Add the missing policy links, and then try taking it out of sandbox mode again.