Hello Guys,
we received an email from a client which already purchased Google Integration extension and he tried to use it in his company.
Unfortunately, don't know why, but instead of using Google Workspace, he is using private google accounts and he fail on verification stage.
Of course if he is using private google accounts, he have to turn public app as external to give access private accounts. He only want to use google contacts sync, but google verification see that EspoCRM extension trying to connect also to the https://mail.google.com/ endpoint. And because of that they want to do a security analysis. Here you have a quote: Assessments will be conducted by a Google-empanelled third-party assessor. The cost of the assessment typically varies between $10,000 -$75,000 (or more).
And i wonder is it normal? Is there a way to walk around this and for example disable request in extension to that specific endpoint.
They've also had issue with text on button on connecting stage, when user connect his account to google. There is a red button with text "Connect" and they want "Sign in with Google". Here you have a screenshot with their comment: https://i.imgur.com/YzH59MX.png
This is a message mostly to EspoCRM devs, to make sure that there will be no issues in the future for other users. i decided to post this here, because maybe someone have some experience with adjusting scopes, to not use gmail endpoint. I can of course adjust extension to don't use that endpoint, but maybe someone already have such issue and have better idea.
Oooor maybe i'm doing something wrong
Have a wonderful day!
we received an email from a client which already purchased Google Integration extension and he tried to use it in his company.
Unfortunately, don't know why, but instead of using Google Workspace, he is using private google accounts and he fail on verification stage.
Of course if he is using private google accounts, he have to turn public app as external to give access private accounts. He only want to use google contacts sync, but google verification see that EspoCRM extension trying to connect also to the https://mail.google.com/ endpoint. And because of that they want to do a security analysis. Here you have a quote: Assessments will be conducted by a Google-empanelled third-party assessor. The cost of the assessment typically varies between $10,000 -$75,000 (or more).
And i wonder is it normal? Is there a way to walk around this and for example disable request in extension to that specific endpoint.
They've also had issue with text on button on connecting stage, when user connect his account to google. There is a red button with text "Connect" and they want "Sign in with Google". Here you have a screenshot with their comment: https://i.imgur.com/YzH59MX.png
This is a message mostly to EspoCRM devs, to make sure that there will be no issues in the future for other users. i decided to post this here, because maybe someone have some experience with adjusting scopes, to not use gmail endpoint. I can of course adjust extension to don't use that endpoint, but maybe someone already have such issue and have better idea.
Oooor maybe i'm doing something wrong
Have a wonderful day!
Comment