Solving ‘disallowed_useragent’ for Google services

 In CloudRail, Tutorial

Important: This article is written for developers. If you are not the developer of the application where the error occurs, please forward this article to respective developer. Only the owner of the app is able to fix the problem.

Why do I get this ‘disallowed_useragent’ error for Google APIs?

On August 22, 2016, Google released a blog post about “modernizing” the way OAuth should be handled in native applications. The essence of the post is that Google will no longer allow the use of embedded browsers for performing OAuth requests. This is because a user cannot verify the website he sees during the OAuth request. As a result, if you are using these browsers you receive the following ‘disallowed_useragent’ error for Google services like Google Drive or Google Plus (Google+):

disallowed_useragent error message by Google

However, Google also mentions an alternative for each platform. For Android this is “Chrome Custom Tabs” and on iOS it is “SFSafariViewController”. The good news is, this is actually working. But the bad news is, it is way more complex than simply using WebViews. Especially if you are not only integrating Google services but also others like Facebook or Dropbox. In this case you would probably need to handle them differently. If you are smart, you are not implementing this yourself, but much rather rely on an established integration solution. In the following paragraphs we show you, how easy that change is if you are using CloudRail.

What is CloudRail?

CloudRail is an API integration and management solution. We equip you with the tools to easily connect to different APIs within your applications. We take care of pain points like authorization, data conversions and API updates. The SDKs we provide include unified interfaces for several groups of APIs like CloudStorage or Social. This means, you do one integration to access all services within an interface. So, for example, a single API to connect to Google Drive, Dropbox, OneDrive and many more. And the best thing, data flows peer-2-peer (P2P). No middleware involved. Learn more about CloudRail and sign-up free.

Solving the issue with the CloudRail SDKs

If you are new to CloudRail you need to signup to our developer portal in order to obtain a free license key. Without this key you will not be able to use the SDKs. Secondly (in case you don’t have Google API credentials yet), you need to get credentials for the service you want to use. Important: You need to explicitly create credentials for Android and iOS. If you are unsure on how you get them, check the documentation in the “Setup” section for GoogleDrive and GooglePlus on Android and GoogleDrive and GooglePlus on iOS. If you have done all that, take a look at the following example:


iOS (Objective-C)

iOS (Swift)

This sample illustrates how easy to use CloudRail is in general. And if we wouldn’t need to use the external authentication for Google, we would be done already. Unfortunately, to make this sample work, we need to do some more. The SDK will be able to trigger the authentication and a user can login. But due to the fact that there are no WebViews involved the SDK can not just grab the authentication response. To make this work we have to do two things: Tell the OS that the app wants to handle a certain type of URL. The redirect URI that was passed to the service initially. This is achieved by altering the Manifest file on Android and the info.plist for iOS. Add the following pieces:

Add the intent filter to the Activity that triggered the authentication. Notice that we add android:launchMode=”singleTask” to the activity which will prevent Android from restarting your Activity when performing the redirect.

Add the following right underneath the top level.

What we have achieved so far is that we open the external browser for the authentication. And we listen for the redirect that is performed when the user grants access. Now we have to handle the information coming back. For both, Android and iOS this means, implementing a certain method. This method needs to pass the information to our SDK. Here is the code for the different platforms:


iOS (Objective-C)

iOS (Swift)

So, this should be it! No more ‘disallowed_useragent’ errors for Google. If you need more information on any of the topics, take a look at the documentation. If you have trouble integrating, just contact our support.

This article is about how to solve this “403 Error – Thats an error. Error: disallowed_useragent” for Google Drive and Google Plus on Android (Java) and iOS (Swift & Objective-C):

This user-agent is not permitted to make OAuth authorisation request to Google as it is classified as an embedded user-agent (also known as a web-view). Per our policy, only browsers are permitted to make authorisation requests to Google. We offer several libraries and samples for native apps to perform authorisation request in browser.

APIs affected by this issue: Google Plus API, Google Drive API
Solution: Update CloudRail SDK and switch to “External Authentication”

1 Star2 Stars3 Stars4 Stars5 Stars (7 votes, average: 4.14 out of 5)
Recent Posts