I want to submit my first app to the windows market place but while trying to find out the certification process I become confused if I need an about page (that contains support information) or not.
Yes you do need to include some information which is probably best to have on an about page. See 5.6.1 in certification requirments
An app must include the app name, version information, and technical
support contact information that are easily discoverable.
If you use the location API you will need to have a privacy policy in the app or linked in the app (requirement 2.7.2, also 2.7.4 is relevant):
The privacy policy of your app must inform users about how location
data from the Location Service API is used and disclosed and the
controls that users have over the use and sharing of location data.
This can be hosted within or directly linked from the app. The privacy
policy must be accessible from your app at any time.
Same goes for if you upload pictures, contacts etc from the app (see 2.8).
Ofcourse this information does not require a dedicated about page, but as they write, should be easy to find for the user.
And if you don't want to spend to much time on your about page and still want it to look great, take a look at this opensource project!
http://ylad.codeplex.com/
It comes as a nuget, so easy to add in your wp7 project! http://nuget.org/packages/YLAD
Related
I need to have access to Calendar information from a company's G Suite accounts, to synchronize data with the company system through a API.
When I need to provide access to my own data, there is a fairly simple way to do it. Using Oauth2, through a login window the user allows the API to access the requested data.
But in the G Suite documentation, the path indicated when involving the administrator and company data, involves the administrator accessing admin.google.com, go to the security-related session, and manually register my API, listing the scopes that he wants to grant me access.
To make a parallel, in Microsoft Graph there is a way to request consent from the domain administrator, where only a user consent / admin consent screen is displayed using Oauth2.
I wonder if there is a way to get this type of access in G Suite without requiring the end user to take such complicated steps to make my API work properly.
UPDATE:
This question was originally posted in 2019, does anyone aware if something was changes since then?
You should use the Marketplace SDK for this. This allows you to publish an application to the Google Workspace Marketplace where company admins can choose to install it for their domain.
There are a couple things to keep in mind:
There's an expectation that your application will have some sort of user facing presence (e.g. add-on, link to web app, etc).
Google will review your app before publishing. Since you're not using Gmail or Drive scopes (for these, Google requires a 3rd party security review), this process should not be too difficult. But plan for it to take some time, and follow the best practices so it's done right the first time.
You also mentioned synchronizing calendars. If that means mainly reading, no problem, but if you're writing (a lot at once), be mindful of calendar use limits. These are per user and for all activity by that user (not just your app).
When submitting an app to the Mac App Store it's asking me this questions:
Content Rights
Does your app contain, display, or access third-party content?
Do you have all necessary rights to that content or are you otherwise permitted to use it under the laws of each App Store territory in which your app is available?
My app uses the Safari component to display web pages, so, it can display third party content, and I believe I don't need any permission to do so the same way any other vendor doesn't need permission to produce a browser.
Using the component to wrap an entire site to make it look like an app and present it as your own is probably an "offense". But clearly showing that web pages are loaded and displaying them as they were intended by the website creators could not be an offense. It would go against the entire structure of the WWW.
If some people actually do put websites on the publicly accessible web and want to keep it private they did something wrong to start with :). It can't be the responsibility of each and every browser developer to keep track of that.
And a browser is a browser, if it's on a mobile device or a desktop.
So it would be ground breaking if this would be judged otherwise. And if it was, it could probably easily be contested. Not to mention the sh*t storm that it would start online if this was their public stance :)
The only source I could find on it is here, where it says that it is "most likely to affect apps which use the brand names or logos of other companies". You are not displaying third-party content, you are displaying a browser. Unless that browser window is filling up the entire screen (so that it seems like they are not seeing a webpage) and you make it seem like that website is part of the app, I can't see why they would stop your app.
I would think that you don't need to say that you access third-party content at all, and if Apple disagrees then they may pull your app. But as you say, it would be the same as every browser app. Either the safari component is third-party content, so no browser should be allowed as they show content that they do not own, or it's not third-party content and you should be OK.
If what you are trying to do is displaying any webpage on your own browser using the Safari component you already have the rights to display it. If the owner of the content doesn't want you to display it the webpage would require a username/password to access the content. This is an implicit "contract" when you create a public site on the internet, anyone can see it/use the information provided. If there is an explicit ban of some domains due to government laws your application will not be able to access the site from that location (like use to happen on some mid-east countries/china) but the block will be on the physical network and you don't need to worry about it.
If you can access the domain from the application in any given location, you can display the content "as is" without any modification or claim of property, this is probably not obvious but you cannot claim that you produced the content, you can however display it and use it. IF the site has a protection requiring the user to provide a username/password, you can still display the login/home webpage without any explicit permission, this permission is already granted because it is public. Once the user of your application inputs a username/password "his" session will be granted the required permission to access the remaining content, again since the server sends you the information you can still display it "as is". In the case that your application stores the username/password for later access you need to explicitly inform the user about this, moreover he needs to agree on that. You can use those credentials to access the site later for that user. You cannot store the username/password to automatically login a user different than the owner of the account nor use yourself the contents of the protected webpage trough any means (i.e. scraping and storing for later use).
In short, if you can access the website you can display it as is and that's legal. If the site is protected you can still display what the server sends you (probably home page + some login webpage/option). You can let the user interact with the webpage like any other browser does and he can log in to the protected webpages and you have the right to display that content for that user, not to store it or duplicate/publish/etc.
You can not: show a webpage and claim you built it, unless you have explicit permission from the owner/legal representative of the webpage to do so. You can't even change the webpage to "disguise" it is as something that looks like you built it, without you claiming you did.
For a regular browser-like interaction with internet in general, you already have the rights to display the contents of the webpages that are publicly accessible.
Hope it helps!
According to Wikipedia
On OS X, Safari is a Cocoa application.It uses Apple's WebKit for
rendering web pages and running JavaScript. WebKit consists of WebCore
(based on Konqueror's KHTML engine) and JavaScriptCore (originally
based on KDE's JavaScript engine, named KJS). Like KHTML and KJS,
WebCore and JavaScriptCore are free software and are released under
the terms of the GNU Lesser General Public License. Some Apple
improvements to the KHTML code are merged back into the Konqueror
project. Apple also releases additional code under an open source
2-clause BSD-like license.
LGPL ?!
The GNU Lesser General Public License (LGPL) is a free software
license published by the Free Software Foundation (FSF). The license
allows developers and companies to use and integrate software released
under the LGPL into their own (even proprietary) software without
being required by the terms of a strong copyleft license to release
the source code of their own components. The license only requires
software under the LGPL be modifiable by end users via source code
availability.
You are allowed to display any content you wish , Unless the content has copy rights from 3rd party , only then that 3rd party has the right to claim its rights , assume you are displaying a pirated movie produced by Warner Bros in your app , only then this will be illegal , but still is out of Apple's scope.
Under Content and Intellectual Property Rights (guidelines)
8.5 Apps may not use protected third party material such as trademarks, copyrights, patents or violate 3rd party terms of use. Authorization to use such material must be provided upon request
You aren't doing that. You are allowing your app to utilize safari, what the user does from there falls under the same guidelines they accept when they utilize safari. You are just extending your app to use safari. You aren't granting anyone access to content you aren't allowed to use, you're not facilitating the bypass of any locked content, etc.
This can be found on: https://developer.apple.com/app-store/review/guidelines/
We've migrated our app from the old marketplace to the new one. After a few days we've received an email that we don't comply with an SSO policy - the user is not recognized after he installs the application.
In the old app we had a specific setup link, that was opened for the user after he installed the app - thus making him recognizable. Is there such a function in the market? Is there some sort of a callback for the installation event in the new marketplace?
P.S. the guy from Google told me to post technical questions on Stackoverflow and that "Our developer relations team monitors that forum and will be able to assist you."
EDIT:
There's the Additional app setup link in this after-installation popup (which clearly no user will click):
Is there a way to call the URL that of the Additional app setup in the background, without needing the user to click an obscure link?
That was an intentional design change which is different than how it used to work in v1 of the marketplace.
If you need interactive setup, best thing to do is put in a check on login to see if the domain has been configured. You can use the licensing API to check for a marketplace install record or directory API to check user permissions if those matter for your use case.
If you just need to run a background task, you can periodically poll the licensing API to detect new installations of the app. This shouldn't be done too often, so if you need to do things before a user logs you're still better off going with a check on login to route them to the setup flow as needed.
I want to create an app only applicable for one or two domains. And i am trying to follow the doc here, https://developers.google.com/apps-marketplace/listing
I have done all the steps except 7th step, as i don't want it to be published on marketplace.
Also i have got an url after publishing the app in webstore, but when i click on the link it only allow me to add as a chrome extension, but nothing as an market place app?
So now, how can i add it to my domain and any other specific domain i want?
Please let me know if you need more information.
Thanks,
Ramesh.V
You will actually want to publish but make sure you configure the visibility options correctly. In the Developer Dashboard you can make a listing available to your domain, a Google Group of testers, etc. In order to restrict to a domain, the admin creating the listing must be a member of the domain. So in order to restrict to more than one domain, I would recommend creating a unique listing per domain. Many system integrators take advantage of this by creating unique branding per domain. Alternatively you could use the Google Group route if that's all you need.
Microsoft's policy says:
The following requirements apply to applications that receive the
location of a user's mobile device:
2.7.3 Your application must provide in-application settings that allow the user to enable and disable your application's access to and use of
location from the Location Service API.
I included ID_CAP_LOCATION in my manifest for an AdMob (google mobile advertising) control only - Do I need to add that in-app settings disabling location and tell user that the application uses location services on the first launch for successfully passing the certification?
In Google's own documentation, they say:
Google asks that you only specify location data if that information is already used by your app
The suggested interpretation of Microsoft's certification guidelines would be that to be accepted on the store, if you're going to use the location of the user (even if only to pass to an advertising control) you should be up front about that and allow your customer to disable that option.
So, to summarize, I would suggest not using the location unless your app has another reason to do so (to keep Google happy), and if you choose to use locations, I would recommend being up front with (one-off) message on first launch, and the ability for your customer to disable it (to keep Microsoft happy).