Before you publish your Google App Marketplace application, be sure to review the following list of requirements. Adhering to these requirements ensures that your application makes it through the G Suite Marketplace review process smoothly without you needing to make additional changes.
The app must use the core Google Services API
Your application must have a meaningful and obvious integration with one or more Core Google Services. Google provides a wide range of services that your app can use to implement creative and useful solutions for your users. You can create awesome enterprise apps that take advantage of many APIs to integrate services such as Gmail, Google Calendar, Google Drive, or Google Sheets.
The goal of all G Suite Marketplace applications is to appear as if they are completely integrated with Google. Having obvious and meaningful integration with one or more of the core APIs creates the value-add that enterprise customers are willing to pay for!
The app must authenticate using OAuth 2.0
Use OAuth 2.0 integration for user login and authentication. Your application must not use OpenID or OAuth1.0. Any evidence of such usage results in your application failing the review process. See our section on Build Your App for more details on how to implement OAuth 2.0 correctly.
The app must have properly defined scopes
All OAuth2.0 scopes must be defined in the Google API Console, in the OAuth 2.0 scopes section of the G Suite Marketplace SDK. This is essential in order to achieve one-click or zero-click SSO, as described in the following section.
If your app uses restricted scopes, you might need to go through a security assessment. Security assessments are optional for apps that don't use restricted scopes. See Why is the security assessment needed.
The app must use zero- or one-click single sign on
Your application must use one-click SSO, and ideally uses zero-click SSO.
After an admin installs the application for the domain and grants permissions for the Oauth 2.0 scopes, individual users must never be prompted for scope permissions again.
- Users in the domain must never see this page.
- The user should never have to input login credentials after signing into their Google account.
- At most they should only have to click a "Sign in with Google" button to get access to the G Suite Marketplace application.
The app should be verified
Unverified apps present warning screens to users before they authorize. In addition, the number of new users that can authorize an unverified application is subject to a daily cap. This helps protect user data from deceptive applications.
To avoid presenting this screen to your users and the daily cap, verify your application prior to publishing.
The app must use the Universal Navigation Link appropriately
Most Google products have a smallicon near the top of the app; clicking this icon reveals a pull-down menu of universal navigation links that let users quickly access apps:
If your application uses the Universal Navigation Link, make sure that it doesn't take the user to a generic marketing or user sign-in page.
- If possible, the Universal Navigation Link should automatically sign the user into a meaningful account summary page.
- For a great user experience, provide a tutorial or how-to video on the user's first login.
The app must use the Setup link in the SDK for additional in-app set up
If additional setup is required, make sure to provide a Setup URL when configuring your listing using the G Suite Marketplace SDK. Anytime an admin has to complete additional steps to use your application, provide those steps via the setup link.
If the admin has not completed these additional setup steps and a user tries to access the application, they should be presented a graceful and meaningful failure case. For example: "Hello! Your domain administrator needs to set up this application before you can use it. Please encourage them to do so."
Screenshots and images in your app's listing must be correctly sized
Make sure to upload proper sized screenshots and promotional tiles when configuring your app's listing using the G Suite Marketplace SDK. This ensures that your application gets proper placement in the interface shown to admins when they try to install Marketplace apps from the Admin console.
You must monitor the associated email address
Make sure that the email address associated with your Google API Console project is actively monitored. Our review team uses this email to contact you in case your application fails to meet the G Suite Marketplace criteria.