Invalid Scope

Invalid Scope – 400 error

When you click ‘Add Google File’, or attempt to authorize with Google, you just see a window saying ‘400 – That’s an error. invalid_scope’:

You probably created the project using a free Google account (or free educational/non-profit G Suite) rather than a paid G Suite (Google Apps) account. That’s fine, but Google has an approval process in place to prevent phishers from setting up false projects. (Please get in touch if you didn’t use a free Gmail account, but still see this error.)

First, for testing purposes, you can ensure your own account is whitelisted so that you can try it out without formally submitting your project for approval.

Simply join the Google Group: Risky Access By Unreviewed Apps

Once you are a member of that Group, you should no longer see the invalid_scope error, and everything should work as expected. That may be sufficient for your site if only you need access to ‘Add Google File’, and you don’t have any Enterprise-style folders embedded in Drive mode (you can find this out just by seeing if users run into the invalid_scope issue).

Submitting your project for Google Approval

For all users to be able to authenticate with Google for Drive purposes, you will need to complete the following form for manual approval:

https://support.google.com/code/contact/oauth_app_verification

Note that you will need to resubmit your project for approval if you change URL details or the site name, such as upgrading from http to https or moving your site to a new domain, so it makes sense to ensure everything is working first, using the testing procedure outlined above.

Some pointers to help you fill in the form

Our Unverified App instructions will explain how to fill in this form.

Please get in touch if you need any assistance.

G Suite – new API whitelist controls

It is now possible for a G Suite (Google Apps) domain admin to explicitly whitelist apps so all their domain users can use them. It is also possible to manage which scopes can be granted for apps.

Details are on Google’s blog. Please note these protections are in addition to the verification process described above. You may need to both submit your project for approval and whitelist your project for your domain (if your domain defaults are too restrictive in the scopes you allow your users to grant).

Google Apps Login is trusted by thousands of organizations from small businesses to NASDAQ-listed companies and government organizations.

Users click their way through Login via Google (just one click after the first time)

Users click their way through Login via Google (just one click after the first time)


You can try it out by clicking below to auto-create a test account on this site! This will show you the basic Google login process.
Try out Google login

Logging in is only the start – Google Apps Login takes care of all your WordPress user management. Find out more here.

[user_show_avatar]

See [user_first_name] – that was easy!

Your account has been created, and you are now logged in. On your own site, you will specify your Google Apps domain – e.g. mycompany.com – and only users on that domain will be allowed to auto-create accounts.

Logging in is only the start – Google Apps Login takes care of all your WordPress user management.

Find out more

 

×