Updating to the latest Google APIs & Security

Today, we chose to bite the bullet and upgrade all of our extensive Google integrations to their new versions. Because the new versions of Google's APIs use a new security protocol - known as OAuth 2.0 - users with linked Google accounts will need to re-authenticate and give permission to Accelo to access their Google accounts.

Why the Change?

As you probably know, technology changes all the time, and this creates complexities when you get one or more technologies working together - changes have to be coordinated and move together or things break. 

A while ago Google started depreciating or retiring an older form of authentication and security protocol known as OAuth 1.0. While they continue to support version 1.0 in their existing APIs, new features are only being released in the new version of the security standard known as OAuth 2.0. Because Accelo has had strong integrations with Google Calendar, Contacts, Email and more for years, we were able to get by using older authentication standard, but with our recent release of the new Google Tasks Integration we had to make the move to the new version.

Because of the differences in the way the security tokens work between the two versions, the transition caused all of the existing tokens and access approvals to be invalidated. We ask that you to take a minute or so to re-grant access for Accelo to your Google account for our integrations to work for you again.

Reconnecting to Google

Thankfully, the process of reconnecting to Google is easy. When our systems try and connect to Google and are rejected because you haven't reconnected to use OAuth 2.0 yet, you'll see a red bar across the top fo the site. All you need to do is click on the "Reconnect" button, and as long as you have the rights to connect your account (see the note above about Personal Accounts vs Google Apps Domain Admins), you'll be reconnected and up and running again in no time.

If you have a Personal Google Account, a pop-up window will load asking you to approve access to Accelo using the new security protocol.

If you have a Google Apps Domain Admin Account, you'll be teleported off to a special Google Apps control panel page where you'll be able to approve Accelo access to anyone in your company.

If you only have a personal account but it is tied to Google Apps domain which has already been connected to Accelo, you'll be told on Google's end that you don't have permissions to access your domain's control panel - in this case, get in touch with your Google Apps Administrator and ask them to approve the Accelo app at https://www.google.com/a/cpanel/YOURDOMAIN.com/PikeplaceAppSettings?appId=760988276610&licenseNamespace=PACKAGE_GAIAID (Note that "YOURDOMAIN" in this URL needs to be replaced with your actual Google Apps domain).

What is OAuth?

If you're really into the details, you can read about it in Wikipedia. If you've got better things to do, the best way to think of it like a special password - or token - that you give to a third party - such as Accelo - so we can have defined, limited access to your account with someone else (like Google). Because you're using a special token, you're not having to hand over sensitive username and password details, and you can limit the access to your account for just the services the third party system needs - kind of like a valet key for your car.

Not only is this more secure, it also makes it easy for you to revoke or cancel access to an application instantly without needing to change passwords or your own account settings.