If the issue has already been reported, you can click the star next to the issue number to subscribe and receive updates. We prioritize responding to the issues with the most stars. You can also comment on the issue to provide any details of your experience with it.
If your issue has not been reported, please provide all of the following: ----------------------------------------------------------------------------------------------------------------------------- A short description of the issue:
The expected behavior is that an app that is in a "Testing" state would restrict external access to an allow-list of test users. This is what the documentation indicates. However, the observed behavior is that all users, regardless of whether they are on the allow-list, are able to access the application.
A small code sample that reliably reproduces the issue. The sample should run as-is or with minimal setup, without external dependencies.
This is observed through OAuth on the console.
What steps will reproduce the problem? 1. Navigate to the OAuth consent screen (https://console.cloud.google.com/apis/credentials/consent) and click "Make external" 2. Select "Testing" as the publishing type 3. Log into the application with a user that is NOT on the Test users list
What is the expected output? What do you see instead? If you see error messages, please provide them.
Description
First, please search through existing issues to ensure that the bug has not already been reported. You can start the search here:
If the issue has already been reported, you can click the star next to the issue number to subscribe and receive updates. We prioritize responding to the issues with the most stars. You can also comment on the issue to provide any details of your experience with it.
If your issue has not been reported, please provide all of the following:
-----------------------------------------------------------------------------------------------------------------------------
A short description of the issue:
The expected behavior is that an app that is in a "Testing" state would restrict external access to an allow-list of test users. This is what the documentation indicates. However, the observed behavior is that all users, regardless of whether they are on the allow-list, are able to access the application.
A small code sample that reliably reproduces the issue. The sample should run as-is or with minimal setup, without external dependencies.
This is observed through OAuth on the console.
What steps will reproduce the problem?
1. Navigate to the OAuth consent screen (
2. Select "Testing" as the publishing type
3. Log into the application with a user that is NOT on the Test users list
What is the expected output? What do you see instead? If you see error messages, please provide them.
Access denied
Please provide any additional information below.