You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy for keeping apps secure

I am developing a web-based app that will allow my trusted staff to edit the titles, descriptions, tags, etc. of my YouTube channel. In attempting to "Opt In" to my own application, I was sent to the callback URI with an error message:

"You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy for keeping apps secure. You can let the app developer know that this app doesn't comply with one or more Google validation rules."

Some history - when I first attempted to obtain a code to exchange for an authorization token, it actually worked! However, as I was writing the code to harvest the code and exchange it for the authorization token, I repeated the "Opt In" process multiple times. Before I was ever able to perfect my code to exchange the code for an authorization token, I began getting the error message to the effect that the app is insecure and cannot be signed in to.

More history - after reading a Stack Overflow article describing something similar, I DELETED the project, created a new project, generated a new Client ID and Client Secret, then repeated the test with the same failure.

I am the only Test User of the app. I can't find any notification in my console alerting me to the nature of the security issue triggering the failures. I have reviewed the OAuth policies at

https://developers.google.com/identity/protocols/oauth2/policies?hl=en

and cannot find anything even remotely wrong.

I am totally clueless as to what is wrong or how to fix it. Until fixed, I am dead in the water.



Solution 1:[1]

I also had the same issue. For me, it turned out that my redirect_uri was not valid. The redirect_uri that gave the error:

http://localhost:8000api/vi/oauth/google

What was wrong in my case:

  • I should put a / before api.
  • vi is different from what I registered on GCP. It should be v1.

I would suggest you print out the redirect_uri when your app is performing the code exchange, and verify every single character carefully.

Additionally, check out the documentation of the Redirect URI validation rules on Google to see if your redirect_uri complies with all the rules.
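
An added example, not part of the answer above and not Google's own tooling: one way to automate the character-by-character check, assuming the registered value is the corrected form the answer describes. The function names are illustrative, and the rule checks cover only a subset of Google's redirect URI validation rules (HTTPS except on localhost, no userinfo, no fragment, no wildcard, no path traversal).

```python
import difflib
from urllib.parse import urlsplit

# Hosts exempt from the HTTPS requirement in Google's redirect URI rules.
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

def rule_violations(uri):
    """Check a URI against a subset of Google's redirect URI validation rules."""
    parts = urlsplit(uri)
    problems = []
    try:
        parts.port  # urllib raises ValueError when the port is not numeric
    except ValueError:
        problems.append(f"malformed port in {parts.netloc!r}: missing '/' before the path?")
    if parts.scheme != "https" and (parts.hostname or "") not in LOCAL_HOSTS:
        problems.append("scheme must be https unless the host is localhost")
    if "@" in parts.netloc:
        problems.append("userinfo is not allowed")
    if parts.fragment:
        problems.append("fragment is not allowed")
    if "*" in uri:
        problems.append("wildcard '*' is not allowed")
    if "/.." in parts.path or "\\.." in parts.path:
        problems.append("path traversal is not allowed")
    return problems

def differences(sent, registered):
    """List (operation, index in sent, sent text, registered text) for each mismatch."""
    ops = difflib.SequenceMatcher(None, sent, registered, autojunk=False).get_opcodes()
    return [(tag, i1, sent[i1:i2], registered[j1:j2])
            for tag, i1, i2, j1, j2 in ops if tag != "equal"]

def diagnose(sent, registered_uris):
    """Compare the redirect_uri the app sends with the ones registered for the client."""
    closest = difflib.get_close_matches(sent, registered_uris, n=1, cutoff=0.0)
    return {
        "exact_match": sent in registered_uris,
        "violations": rule_violations(sent),
        "closest": closest[0] if closest else None,
        "differences": differences(sent, closest[0]) if closest else [],
    }

if __name__ == "__main__":
    # The failing value from the answer, and the corrected form it describes.
    sent = "http://localhost:8000api/vi/oauth/google"
    registered = ["http://localhost:8000/api/v1/oauth/google"]
    for key, value in diagnose(sent, registered).items():
        print(f"{key}: {value}")
```

Running `diagnose` at startup or in a unit test, with the list copied from the Credentials page, surfaces this kind of mismatch before any user reaches the consent screen.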

Solution 2:[2]

You probably changed the port where the project is running or you did not define the address where the project is running in Google Cloud.

Google Cloud > APIs and Services > Credentials > OAuth 2 Client ID > change the Authorized JS origin to the port that your app runs on, locally or on a shared host.

The URL may take time to define, so it may not work right away. You can also create a new credential.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Kant Chen
Solution 2 Amin Hashemian