Menu
When using Google OAuth for my Alexa account linking it worked fine on Android and some iOS devices but a user reported the following:
Error 403: disallowed_useragent
"This user-agent is not permitted to make an OAuth authorization request to Google as it is classified as an embedded user-agent (also known as a web-view). Per our policy, only browsers are permitted to make authorization requests to Google..."
292
Google has updated its security restrictions for OAuth2 flow. They no longer allow native web-views to initiate OAuth flows, but rather want developers to use the OS browsers. It would appear that your iOS app is still trying to use a web-view to authenticate. You need to fix that so that it opens in the OS browser instead.
Background info:
This is just my opinion but there are a lot of apps out which have started forcing their users to use these embedded browser's (Facebook for one). One could question how secure they are and that it is better to use the real installed browser. I suspect this is why google has enabled this to begin with.
More information is available in the Google blog
145
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
