I've created a test listing for Google Apps Marketplace (GAMv2) and have specified a setup url. When testing using the "TEST INSTALL FLOW" button, the authorization screen pops up and clicking the "Accept" button takes me to a popup that confirms the application has been added. There's a "Launch app" button and a "Manage app" link on this 2nd popup. The "Launch app" button goes to the setup url that I entered in the listing definition.
Isn't the install flow supposed to redirect there automatically? I've seen other questions where this behaviour seems to be working on and off:
Google Marketplace App Install Flow
Google Apps Marketplace SDK install does not forward user to Setup URL
Google app marketplace sdk setup url stopped working
There's also this page in the marketplace documentation which says it is supposed to redirect:
https://developers.google.com/google-apps/marketplace/eap/oauthwalkthrough
Are other people having this problem?
In v1 of the marketplace, yes, set up links were automatically included in the linear install flow. In the new install flow set up links are presented separately. They're presented to users, but there is no guarantee that that a user will click it. Even in V1 there were some cases where a user could end up bypassing the setup link.
There are some improvements that can be made to encourage admins to revisit the setup if they skipped it. In either case, apps should be tolerant of these cases and adapt.
My recommendation is to check on login and enter the setup flow if it hasn't yet been performed. You can use the licensing API to check if the domain has installed from the marketplace or not. If you need to enforce things like requiring admin permissions, you can add further checks to see if the current user is an admin for the domain and give non-admin users a polite message indicating the app isn't ready for them to use yet.
Related
I am building a Slack App and planning to distribute it in the Slack App Directory so that other users can install it. I am using Slash commands for this app. Now when I get my API called after some user type my Slash command then I want to access some of the user information using WEB APIs. But to access the info I need user token to call the WEB API. With Slash command request object I am not getting any user token. So my question is how can I get the user token at this time to access the information. Do I need to save this when user installs the app or do I need to provide the Add to Slack button for this?
Yes, your app will receive the access token for a team / workspace only as result of a successful installation process and should then store it together with the team ID for later use. Each slash request includes the team ID which allows you identify the correct access token for each team.
There are two approaches for installing Slack apps, which can be chosen on the "Manage your apps" pages under "Basic Information". Here is how it looks:
Installation from landing page
Having your own website with a "Add to Slack" button is the easiest way to to that. You website will then need to handle the installation process, which basically is a Oauth flow. You should also make sure to request the right permissions, so that you can later access the API methods that you need. This installation approach is called "Installation from landing page".
Installation from App Directory
Another way to install your app is "Install from App Directory". This will allow users to start the OAuth process directly from the App directory, instead of having to click a "Add to Slack button" on a website. Its has the same effect as clicking a custom "Add to Slack button", so you still need a website behind it to handle the full OAuth flow.
Important: This option is only available to apps that have been approved by Slack and are listed on the App directory.
Further Reading
Installation approaches
Oauth process with Slack
We are integrating our app in the new Google Marketplace.
Our marketplace config in the developer console is ok.
Our oauth2/sso flow is ok (scopes match the ones setup in the console, auth params ok)
All users, when accessing our application through the Navigation bar, don't see any consent screen. All is perfect … except the following :
when an admin user is installing our application for his domain for the first time, he is presented with the domain consent screen displaying the scopes defined in our marketplace config, which is fine, he accepts and is presented with a button "Launch app". This link hit our server and a redirection is made to google auth in order to get the email and profile of that user. The redirection happens quickly that the admin is presented with yet another consent screen displaying the exact same scopes … which is bad.
If we wait 10 - 20 seconds before clicking the 'Launch app' button and after having accepted the scopes for the domain, the redirection to google auth is done and no consent screen is presented to the admin.
Are we missing something? Some sort of pooling technique with callback? "Sleeping"?
The same happens with other apps available on Google Apps Marketplace.
I installed several apps from Marketplace (Mavenlink, Lucidchart, etc), and they showed exactly the same result. I was prompted with consent screen immediately after installing them. A bit later, and I was let in without prompting.
It seems that the information on the installed app is not immediately propagated through Google system. There is a short delay between the time the administrator installs an app to his domain, and the time that app becomes available on his domain.
Most users wouldn't mind to wait a minute after the installation. Unfortunately, a reviewer at Google is not that forgiving. If he is quick enough to start your app immediately after the installation, your app will be caught asking for consent, for which it will be rejected from Marketplace. Too bad.
We've migrated our app from the old marketplace to the new one. After a few days we've received an email that we don't comply with an SSO policy - the user is not recognized after he installs the application.
In the old app we had a specific setup link, that was opened for the user after he installed the app - thus making him recognizable. Is there such a function in the market? Is there some sort of a callback for the installation event in the new marketplace?
P.S. the guy from Google told me to post technical questions on Stackoverflow and that "Our developer relations team monitors that forum and will be able to assist you."
EDIT:
There's the Additional app setup link in this after-installation popup (which clearly no user will click):
Is there a way to call the URL that of the Additional app setup in the background, without needing the user to click an obscure link?
That was an intentional design change which is different than how it used to work in v1 of the marketplace.
If you need interactive setup, best thing to do is put in a check on login to see if the domain has been configured. You can use the licensing API to check for a marketplace install record or directory API to check user permissions if those matter for your use case.
If you just need to run a background task, you can periodically poll the licensing API to detect new installations of the app. This shouldn't be done too often, so if you need to do things before a user logs you're still better off going with a check on login to route them to the setup flow as needed.
I'm developing a google apps marketplace app. There's the Test install flow button on the dashboard, but I'd like to test installation on another domain of ours - to see that permissions, token etc. work as expected. Is there a way to install an (it's non published yet) on a domain which is not related to development?
Found a solution, this was surprisingly straightforward, but it worked for me:
Open two browser windows, one for your dev account (dev.com) and one for the domain you wish to test on (test.com)
In you dev account, go to the dashboard and click the Test installation flow button
In the popup that you get, go to the address bar and copy the link
Now go to the browser with your test.com domain, and enter this address
You'll be asked to login, and then you'll get the consent screen
You should now see the app in your test.com`s marketplace apps list
You can do this by creating a new application in the chrome web store.
Make sure that you create this application in the web store with an account that belongs to the given domain. Next, restrict access to your domain.
Finally, you can install the application on the domain.
I have done setup of project using New Marketplace. When i click on "Test Install Flow" (Api Console) ,one popup is coming, asking for permissions (scopes) to access domain. When i accept "Terms and Conditions" pop up closed.It is not redirecting to setup url. is this correct behaviour.? or It should need to redirect to setup url.
If you're trying to deploy an Google Apps Marketplace but restrict it to your domain, you can publish it to the Chrome Web Store and limit the visibility to your domain.