Azure-docs: Google authorization issue

@jvdjeery Thanks for your feedback! We will investigate and update as appropriate.

@jvdjeery Can you please elaborate on your ask ? B2Clogin is available to anyone to access your Azure AD B2C service. The new domain for your requests takes the form of . b2clogin.com. Please refer to this to Set redirect URLs to b2clogin.com for Azure Active Directory B2C.

I followed the instructions as it is in the documentation, but Google asked me to review the application to be able to put it into production, when I send the request I get this.

That's my doubt, how to pass the verification to put the app in production.

@jvdjeery I have followed the document steps and I am still trying to understand when you do you need to send Google to review the application as I am able to create the application with client id and secret in the Google developer's portal without any issues.

@jvdjeery We will now proceed to close this thread. If there are further questions regarding this matter, please reopen it and we will gladly continue the discussion.

@SaurabhSharma-MSFT I think I can provide some more information as I'm also seeing the issue that's described here. Setting up the authentication is working fine. However, the issue is that google requires our settings to be validated in order to have a custom logo on the consent screen. Also, once the user tries to login they are going to see an OAuth consent screen that states,

To continue, Google will share your name, email address, language preference, and profile picture with b2clogin.com. Before using this app, you can review b2clogin.com's privacy policy and terms of service.

However, we would prefer that our own domain name be in place of b2clogin.com because the way it reads now makes it look like the user is logging into Microsoft's site rather than our site.

In order to get past google's domain verification we had to add a TXT record to our DNS records for our own domain, but I don't think there's any way for us to do the same for b2clogin.com so that we can proceed with getting our consent screen validated by google. If there is a way for us to validate the domain and satisfy google please let me know the steps. An this support page should probably be updated to provide the steps to do that for everyone else as well.

I've emailed back and forth with google a few times on this asking that they allow our consent screen verification to go forward without verifying b2clogin.com, but I haven't been able to make progress on that side because I don't think the front line support understands the issue. They just asked me to delete the domain from the settings, but the option is disabled since we are using the domain for the redirect URI. Do you think you would be able to work with google on this issue so that they can whitelist b2clogin.com for everyone so that no one else will run into this issue in the future? I'm assuming they already have login.microsoftonline.com whitelisted for this reason.

I'm seeing the same issue with Google Verification. Has there been an answer or workaround for this?

Has Anyone Found a solution to this? I want to add google calendar to my App but i am blocked if i stay with Azure B2C.

@SaurabhSharma-MSFT the issue here is that we want to know how we get past the hurdles in verifying the domain name b2clogin.com

bump, please address.

Client is concerned about Google throttling of OAuth logins to unverified domains, in particular custom.loginb2c.com, which is the display name of the consent screen (as configured from the Google console portal)

@SaurabhSharma-MSFT , can this please be reopened with the information from @atobrandon? we are seeing the same thing and would like to have our logo and domain listed on the google screens, but it will not until google can verify the app. Thank you.

I am also facing the same issue as per mentioned by @atobrandon
https://github.com/MicrosoftDocs/azure-docs/issues/23029#issuecomment-513828110

Currently in talk with Google representatives now.
Any help here would be greatly appreciated.

We're also trying to figure this out. Anyone have an answer? Does having Google verification allow you to change the name of this?

The solution for me was just to repeatedly explain to Google support that b2clogin.com is controlled by MS and doesn't belong to us, so it is impossible for me to add the DNS records they were requesting. After explaining that a few times in various ways, I eventually asked for the case to be escalated and then they did whatever needed to be done on their end to allow us to display our own logo and domain on the consent screen.

The solution for me was just to repeatedly explain to Google support that b2clogin.com is controlled by MS and doesn't belong to us, so it is impossible for me to add the DNS records they were requesting. After explaining that a few times in various ways, I eventually asked for the case to be escalated and then they did whatever needed to be done on their end to allow us to display our own logo and domain on the consent screen.

Yes, Right.
I also tried to repeatedly explain Google support team about what we are using and also shared the documentation URLs to explain our need:
https://docs.microsoft.com/en-us/azure/active-directory-b2c/b2clogin
https://docs.microsoft.com/en-us/azure/active-directory-b2c/

So finally they agreed and approved the domain and app.
It was hard but acceptable :)