Is Safari anything but a nightmare?
I have an iOS user who reported this fail yesterday:
Access blocked: Pickaxe’s request does not comply with Google’s policies.
Pickaxe’s request does not comply with Google’s “Use secure browsers” policy. If this app has a website, you can open a web browser and try signing in from there. If you are attempting to access a wireless network, please follow these instructions.
You can also contact the developer to let them know their app must comply with Google’s “Use secure browsers” policy.
Learn more about this error
If you are a developer of Pickaxe, see error details.
Thank you for reaching out. The Error 403: disallowed_useragent message is typically triggered when Google sign-in is initiated from a browser context that Google considers non-secure. On iOS, this most often happens when authentication is attempted from an in-app browser.
There are a few things you can try that often help narrow this down or resolve it:
If the Pickaxe is embedded using an iframe, it may be worth testing our JavaScript embed instead. Depending on how the page is structured, this can allow the authentication flow to run in a less restricted browser context.
Ask the affected user to open the page directly in Safari or Chrome, rather than through an in-app browser (for example, links opened inside Gmail, Slack, or social apps).
If the page was opened from within another app on iOS, having the user choose “Open in Browser” before attempting to sign in can sometimes avoid this restriction.
For an immediate workaround, trying a browser other than Safari, or signing in by entering an email address and password instead of using Google sign-in, should resolve the issue.
To help us understand this issue better, could you please let us know:
Which embed type you’re currently using?
Whether the affected user was accessing the page in a standard Safari tab, or from within another app’s in-app browser?
If possible, a screenshot of the error and the steps needed to reproduce it.
Once we have a bit more detail, I can share this with our engineering team and see whether there are adjustments we can make to improve compatibility in these scenarios.
I am still struggling with the app builder, but it appears that @danny_support was right on…the JS embed does not throw any errors on Android, at least, and appears that it may be sharing the Google login.