I'm developing an app for a client and together we agreed to try Heroku, though neither of us has any experience with it. The client will be in control and will add me as a collaborator. The instructions at https://devcenter.heroku.com/articles/sharing seem pretty simple... except they don't seem to work.
I made an account and so did the client. The client ran the following:
heroku apps:create appname
heroku sharing:add myemail#gmail -app appname
The client says both of these actions reported success, but I haven't received an e-mail inviting me to collaborate on the app. Presumably some additional steps are required to get things going before collaborators can be added?
Can anyone explain what else we need to do? Alternately, I understand it's possible to transfer ownership of an app, would it be easier for me to create it and then transfer ownership to the client?
You can verify if the collaborator was added from the web UI on heroku.com - go to the 'My Apps' page, find the app and click on the collaborators icon and you should see your new collaborator listed. It's also possible to invite people directly from this page.
Our typical workflow is to build a site for the client in an app in our account and then transfer ownership of the application to the client for golive so they become responsible for billing and such like.
In order to be able to transfer the account, the person who you are transferring to needs to be a collaborator on the application.
We found the issue. We needed another dash in front of app in the add collaborator command; it should have been:
heroku sharing:add myemail#gmail --app appname
Related
What is the best approach to manage app ownership in Slack?
Currently all devs in our team create their apps under their own Slack accounts. The risk with this is if they leave the company and their account gets closed then the apps they created will cease to work.
This must be a common solution but I couldn't find a definitive document with a good solution.
What would you recommend?
Here is what I would suggest for managing ownership of app development.
For this discussion we need to distinguish between
creating a Slack app
installing a Slack app.
Those are different concepts which need to be handled in different ways.
Creating a Slack app
A new Slack app is always created in a workspace and belongs to the user that created it. If that user leaves the workspace (or goes on a longer vacation) the Slack app can no longer be managed.
This risk can be mitigated by adding collaborators to every Slack app. Collaborators have the same rights (e.g. delete an app) and will keep their access when the initial creator is deactivated.
As the documentation states:
Slack apps are owned and contained by the team they are created on.
Slack apps may have multiple App Collaborators associated with it, and they can review & manage the application record. They can also add or remove other collaborators.
To further mitigate the risk of losing access to Slack app it might be prudent to create a dummy admin user that has to be added to every Slack app as collaborator. That way you won't loose access to your Slack app even if multiple users leave the workspace.
Installing a Slack app
When the creator or collaborator of a Slack app gets deactivated his app will automatically be uninstalled if he was also the installer. As it says in the documentation:
One caveat: this exception doesn't apply to the folks who created an
app or were added as an App Collaborator. When they leave, the app is
still uninstalled. Same goes for when an app uses additional scopes
beyond the ones listed above, taking on the behavior of a user.
One way to avoid this situation is to use a dummy admin account for app installation instead of the actual user.
We have review apps enabled for our app in Heroku. The feature was enabled by a developer who no longer works with us. When we revoke his access to the app from which the review apps are build, the review apps are not built any more. If we disable and re-enable the review apps, Heroku assumes we are doing so as the original user so we get an error message that we don't have access to that app...
Is there a way to switch the owner of the automaticlly built review apps?
Here is the response I got from the Heroku support:
You can fix this by visiting your pipeline, clicking "Manage GitHub connection", then clicking "Disconnect". Wait a few seconds, refresh the page, and reconnect from the same menu. This will make you the default user for provisioning and deploying review apps.
Once that's done, you'll need to re-enable review apps for your pipeline. Also, if you had any apps set to auto-deploy from GitHub, you'll need to configure that again as well.
We've migrated our app from the old marketplace to the new one. After a few days we've received an email that we don't comply with an SSO policy - the user is not recognized after he installs the application.
In the old app we had a specific setup link, that was opened for the user after he installed the app - thus making him recognizable. Is there such a function in the market? Is there some sort of a callback for the installation event in the new marketplace?
P.S. the guy from Google told me to post technical questions on Stackoverflow and that "Our developer relations team monitors that forum and will be able to assist you."
EDIT:
There's the Additional app setup link in this after-installation popup (which clearly no user will click):
Is there a way to call the URL that of the Additional app setup in the background, without needing the user to click an obscure link?
That was an intentional design change which is different than how it used to work in v1 of the marketplace.
If you need interactive setup, best thing to do is put in a check on login to see if the domain has been configured. You can use the licensing API to check for a marketplace install record or directory API to check user permissions if those matter for your use case.
If you just need to run a background task, you can periodically poll the licensing API to detect new installations of the app. This shouldn't be done too often, so if you need to do things before a user logs you're still better off going with a check on login to route them to the setup flow as needed.
I'm developing a google apps marketplace app. There's the Test install flow button on the dashboard, but I'd like to test installation on another domain of ours - to see that permissions, token etc. work as expected. Is there a way to install an (it's non published yet) on a domain which is not related to development?
Found a solution, this was surprisingly straightforward, but it worked for me:
Open two browser windows, one for your dev account (dev.com) and one for the domain you wish to test on (test.com)
In you dev account, go to the dashboard and click the Test installation flow button
In the popup that you get, go to the address bar and copy the link
Now go to the browser with your test.com domain, and enter this address
You'll be asked to login, and then you'll get the consent screen
You should now see the app in your test.com`s marketplace apps list
You can do this by creating a new application in the chrome web store.
Make sure that you create this application in the web store with an account that belongs to the given domain. Next, restrict access to your domain.
Finally, you can install the application on the domain.
I've been working as a consultant on an Android project that uses Google oAuth2 to authenticate and identify it's users. The Android project is in production and available for download on Google Play. The oAuth client ids and the entire Google API project was setup by me using a Google Apps e-mail address setup in my name on the client's domain.
Since the project has been released and my work with the client is finished my e-mail address has been deactivated and subsequently deleted (or so it seems, the client claims to not being able to recreate it). Since my e-mail account was set as the owner of the API project the deletion of my e-mail address has resulted in the deactivation (or deletion) of the API project as well. This has of course seriously crippled the app in question.
To get things up and running again a new e-mail address was set up for me on the client's domain and I created a new API project. The problem is that I'm unable to create the oAuth client ids since the packagename and SHA1 key are the same as for the app already live. I get the "This client ID is globally unique and is already in use" message and I seem to be stuck in a very awkward situation. I see a couple of possible solutions but I'm not sure how to proceed:
Reactivate the original e-mail address in the hope that the API project is still linked to that account
Reactivate the Google API project with the help of a Google engineer and assign it to an e-mail account on the client's domain
Delete the client ids from some Google database with the help of a Google engineer and setup a new API project and release a new version of the app.
Worst case: accept the loss, change package name, release a new app and kindly ask users to migrate to the new app.
I've read that Google monitors the google-oauth tag here on SO and I hope to get some help either from the SO community or Google itself. Many thanks in advance!
In the future, please coordinate for long-term ownership of the project, since the Google accounts that own the project are an important aspect of Google's authorization system. For instance, the owner of the project signs ToS for accessing the APIs on behalf of users.
I will follow up with you to find a way to sort out this issue.