[IAG] Gmail callback domain will change from http to https due to Google new policy

CTI SC Lv2Posted 29 Dec 2021 16:41

Last edited by CTI SC 29 Dec 2021 16:44.

Warning Name: Gmail callback domain will change from http to https due to Google new policy

Product: IAG
Version: IAM 12.0.25, IAM 12.0.26, IAM 12.0.27, IAM 12.0.40, IAM 12.0.41, IAM 12.0.42, IAM 12.0.44, IAM 12.0.46, IAG 13.0.15, IAG 13.0.18, IAG 13.0.19 and IAG 13.0.47.
Warning Level: 1
Discover Date: 3/6/2021
Related Department: CTI, FAE
Warning Source: -
Bug Phenomena:
Gmail callback domain will change from http to https due to Google new policy, it will cause the Gmail authentication not effect after redirect back to this callback domain link.
2305761cc1fd17092d.png
[Trigger conditions]
1. IAM/IAG with 12.0.25 - 12.0.44 and IAG 13.0.15
2. Using Gmail authentication as Social auth for authentication policy.

[Root Cause]
Due to Google new policy, the Gmail authentication's callback domain on IAM/IAG will force changed from http to https.
The current http callback domain link will no longer to take effect during 12 July 2021 and all callback domain link will force change to https in 13 September 2021.
Please refer to this following notice came out by Google.
https://developers.google.com/identity/protocols/oauth2/policies#secure-response-handling
2421261cc1fdd936be.png


[How to check]
1. Check whether is using IAM 12.0.25 until IAM 12.0.46 and IAG 13.0.15 and later version.
2. Check whether is using the authentication policy with gmail authentication.
2492761cc1fb95d536.png 9862761cc1fc1e4a5a.png

[Solution]
Currently can install the patch on the IAM/IAG which using the Gmail authentication and use the callback domain, then update the callback domain to https in the Google developers setting.
Please contact our TAC for the patch

Trending Topics

Board Leaders