Issue
I am trying to adapt to Google's change in smtp policy on 5.30.22 that prevents 3P apps to have access to gmail account. I want to give my web project hosted on heroku access to be able to login programatically to my gmail account. I checked out some posts including this one, but I'm just not seeing what is expected in my settings.
In that gmail account, I go to Security -> Less secure app access and confirmed it is, in fact, no longer available. I saw nothing else in Security that seemed relevant.
Then, I try Data & Privacy -> Data from apps and services you use -> Apps & Services -> Third-Party Apps With Account Access. Clicking on that takes me to Apps with access to your account, where I see You haven’t given any apps or services permission to access your Google Account. Learn more (<-- link to https://support.google.com/accounts/answer/3466521?hl=en). That link brings me to Manage your account permissions -> Manage third-party apps & services with access to your account.
I then go to Review what a third party can access. Steps for that are:
- Go to the Security section of your Google Account.
- Under “Third-party apps with account access,” select Manage third-party access.
- Select the app or service you want to review.
...but in step #2, there is no Third-party apps with account access or Manage third-party access link/section in my security page.
How do I add an app I'm working on to that list?
UPDATE - I saw https://support.google.com/accounts/answer/112802?hl=en&ref_topic=7188760, which is "Use your Google Account to sign in to other apps or services". Is this what I need? It says to:
- Go to an app or service you trust.
- On the sign in page, select Sign in with Google, Log in with Google, or Join with Google.
- I go to my app (hosted on heroku), but the "Sign in with Google" option is not there.
Solution
Due to the removal of Less secure apps & your Google Account you can not use a users login and password to access googles smtp server.
You have two sevral options.
- Switch to using the gmail api and authorize your application using Oauth2 and store a refresh token. Make sure to set your app to prodctuion or the refresh token will expire after seven days.
- Use xoauth2 with your request to the smtp server. You will then need to use Oauth2 to authorize the application and store a refresh token. Make sure to set your app to production or the refresh token will expire after seven days.
- If you have 2fa enabled on that account then you can create an apps password. Sign in with App Passwords Once you have created this password you can then use it in place of the actual password in your code.
Answered By - DaImTo
0 comments:
Post a Comment
Note: Only a member of this blog may post a comment.