Google Authorization Error 400 invalid_request – Compliance with OAuth 2.0 Policy for Keeping Apps Secure

Although they are sometimes confused with one another, when seen from the perspective of an application, authentication and permission are easier to understand. A user’s identification is verified through a user authentication app. An app with user authorization tries to access or modify user-owned assets.

Every OAuth flow concludes with the app getting an access token in order to access or change a user’s account because OAuth was developed as an authorization mechanism. The access token itself in no way identifies the user.

Through numerous services, an app can discover a user’s identity in a number of different ways. One simple approach is for the API to offer a “user info” endpoint that, when called with an access token, returns the name and other profile details of the authenticated user. Even though the OAuth protocol does not necessitate this, several services have embraced it as a standard tactic.

New Changes to Google OAuth

Google has made its OAuth changes and launched its official error message:

“Authorization Error – Error 400: Invalid Request.”

Starting in October 2022, Google has changed the OAuth Process. CompanionLink’s most recent versions are compliant.

If you encounter this issue, you only need to update to the newest version of CompanionLink.

Why Apps Must Comply with the New Google OAuth 2.0 Policy

The Google OAuth framework powers the sign-in and authorization routines for PC and Mac apps, which have evolved over time to keep consumers safer online. Google is discontinuing support for legacy flows and has mandated that developers utilize techniques that provide higher levels of safety, hence the present warning. For instance, an OAuth token is generated on the “This App desire to access” screen, which shows tools for Contacts and Calendar for Outlook Sync.

When Google OAuth Login Will Be Required

If your software is out-of-date, CompanionLink users who have a new Google account, who have recently changed their Google password, or who have just recently reinstalled CompanionLink may experience the Error 400: invalid request pop-up. The Manual OAuth Process link is the quickest workaround. You can use this to obtain an OAuth Token without changing your software.

Updating CompanionLink

If you want a permanent solution, you must update CompanionLink. The required version is CompanionLink v9 (build 9070) or CompanionLink v10 (build 10014 or higher). You might need to sign into your Google Account again using CompanionLink after updating. If you and Google are already in sync, nothing will need to change until the OAuth token is changed.

A free update is available to everyone who has CompanionLink version 9 or a later version.

You Won’t be Able to Sign In with Old Apps

Google is currently rejecting applications that don’t adhere to its security guidelines, which were made public several months ago.

The “OAuth out-of-band” (OOB) flow was created to enable native clients that lack web apps with redirect URIs that will accept the credentials once a user approves an OAuth consent request, per Google’s documentation. A remote phishing danger is presented by the OOB flow. PC applications must switch to a different approach to guard against this issue.

Alternative Programs to Sync Outlook with Google Contacts and Calendar

Even though CompanionLink was prepared for the OAuth change, other sync suppliers might have outdated solutions that need to be replaced. On our Google and Outlook updates, CompanionLink provides a competitive update for a $30 discount.

  • Sync2
  • gSyncit
  • OggSync
  • Go Contact Sync Mod
  • Outlook Google Calendar Sync

To claim your $30 savings:

  1. Use this link to Buy CompanionLink for Google.
  2. In the “What Motivated You to Purchase” box, enter your past Sync product.
  3. In the Affinity Code Box, type “AUTH22.”.