Context:

• A sizable number of marketplace app installs are done using the Marketplace OAuth link(example). These links are embedded in third-party products' integrations page that allows integration with HighLevel.

• This is similar to the Google OAuth link, where Google informs the user that an external site is about to access their account data and seeks your confirmation to proceed

• When users arrived on this site, until today, they weren't made aware of which permissions the app was getting access to from their accounts.

What's new?

• We have created a new OAuth page where we give users a heads-up about the app they're about to install and inform them about the permissions the app will have access to.

• If a private app attempts to access sensitive permissions, such as user.write, we explicitly warn the user.

• This feature is also available on the Marketplace's grey-labeled OAuth page(example)

Why is this important?

This feature provides sufficient details to users, allowing them to make informed decisions about the API access they're granting to third-party apps and thereby securing their accounts from unauthorised access.

Preview Images