This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ Log in to ask a question

Under 18 3rd Party settings applying to Over 18?

MattDPenn
Contributor II

‎10-12-2023 09:43 AM

Has anyone else been seeing this? Had a teacher unable to access their mail via their iphone ever since my coworker and I finished going through the Under 18 3rd Party settings the other day. When I added the relevant apps to said teacher's OU it finally allowed them to log in. Didn't even have said apps in the user requested areas either.

Were there other changes happening with the 3rd Party stuff or does this seem like a bug? Only had the one teacher complain so far and I already confirmed that their OU was set to Over 18. Unsure if maybe just bad timing with their phone deciding to reauthenticate or the other teachers that do the same haven't spoken up yet.

Topics:
0 Kudos
Reply
7 REPLIES 7

Kim_Nilsson
Admin Moderator

‎10-12-2023 09:49 AM

I don't allow access to Gmail unless you use the Gmail app, and can definitely not recommend anyone allowing it.

So much security features you lose when third-party apps for Gmail. You also have to allow other protocols(IMAP/POP) which should both be disabled.

--
https://wheretofind.me/@NoSubstitute
0 Kudos
Reply

MattDPenn
Contributor II
In response to Kim_Nilsson

‎10-12-2023 01:59 PM

Might look into restricting phone email access to Gmail. Still trying to get things up to snuff around here but its a long process.

0 Kudos
Reply

Kim_Nilsson
Admin Moderator
In response to MattDPenn

‎10-12-2023 07:32 PM

Yeah, I started blocking everything new back in 2017, with a crude URL Blocking rule for accounts.google.com/signin, and manually allowing each URL for new client_ids. Messy, and only worked on synced Chrome.

When API Access Control implemented the Block-Everything tick box the quality of my Google Admin life increased substantially. 🙂♥️

--
https://wheretofind.me/@NoSubstitute
0 Kudos
Reply

SteveHarmon
Contributor

‎10-12-2023 10:07 AM

We had a similar thing happen. We had to change one of the services (I think it was account services) to unrestricted to get it to work. The iOS app was marked as trusted, but that restricted setting was messing things up.

0 Kudos
Reply

MattDPenn
Contributor II
In response to SteveHarmon

‎10-12-2023 02:02 PM

If you remember exactly what it was give me a holler. My coworker is going to take a looksee at some point as it sounds like android may be in the same boat. I'm just annoyed because the 3rd party changes should have just been for under 18. Best thought at the moment is something different changed before we tinkered with the under 18 settings but only triggered after people needed to reauthenticate. 

0 Kudos
Reply

Kim_Nilsson
Admin Moderator
In response to MattDPenn

‎10-12-2023 07:36 PM - edited ‎10-12-2023 07:37 PM

Well, only the forced change should affect Under-18.

You should of course already be blocking everything for staff too, or at the latest also do that from the 23 October, to keep the experience the same, and your admin process for new services the same, regardless if it's for staff or students.

--
https://wheretofind.me/@NoSubstitute
Reply

Kim_Nilsson
Admin Moderator
In response to SteveHarmon

‎10-12-2023 07:33 PM

You should definitely report that to both Google and the developer of the app.

--
https://wheretofind.me/@NoSubstitute
0 Kudos
Reply
  • © 2023 Google. All rights reserved.
  • Privacy Policy
  • Terms of Service
  • Community Guidelines