OAuth Verification Template — Internal Reference for ThoDigitals Add-on Submissions
Reusable copy-paste answers for Google Workspace Marketplace + OAuth verification submissions. Internal reference for ThoDigitals admins.
⚠️ Internal reference page. Copy-paste these answers when submitting any ThoDigitals Google Workspace add-on through the OAuth verification flow at Google Cloud Console.
0. Standard URLs
| Field | Value |
| --- | --- |
| Application homepage | https://shop.thodigitals.com/tho-alerts (replace per add-on) |
| Privacy policy URL | https://shop.thodigitals.com/privacy |
| Terms of service URL | https://shop.thodigitals.com/terms |
| Authorized domain | thodigitals.com |
| Support email | support@thodigitals.com |
| Developer contact | support@thodigitals.com |
1. App description (when prompted by Google)
Use a 1-paragraph version of the product's landing page. Example for THO Alerts:
THO Alerts is a Google Workspace add-on for Google Sheets that lets users monitor cell changes and send real-time notifications to 10 channels (Email, Slack, Discord, Telegram, Microsoft Teams, Google Chat, Larksuite, Zapier, Make, n8n). Users define rules (a sheet range + a condition like "contains" or "matches regex" + a destination), and the add-on uses Google's native onEdit trigger inside the user's own Google account to fire alerts when a matching cell changes.
2. OAuth scope justifications (Limited Use Disclosure)
For each scope, paste a short justification. Templates below for the scopes our add-ons commonly use:
2.1 auth/userinfo.email
We use the user's email address solely to bind their Pro license to their Google account. The email is sent once during license activation to our license validation server (shop.thodigitals.com), then stored locally inside the add-on's PropertiesService. It is not used for marketing, advertising, or any other purpose.
2.2 auth/userinfo.profile
We use the user's display name only to personalize the add-on UI (e.g., showing "Hi, [Name]" in the sidebar). The name is never sent to our servers or shared with any third party.
2.3 auth/spreadsheets.currentonly
The add-on monitors only the active spreadsheet to detect cell changes that match user-defined alert rules. We use the narrowest possible scope (`currentonly`) instead of the broader `spreadsheets` scope to ensure we cannot access any other file in the user's Drive. Spreadsheet contents are read in-memory inside the user's Google account and are never transmitted to our servers.
2.4 auth/script.send_mail
When the user configures an "email" channel for an alert rule, we use Apps Script's MailApp service to send the alert email from the user's own Gmail/Workspace address (improving deliverability). Emails are sent only when a user-defined cell condition matches; no marketing or unsolicited emails are sent.
2.5 auth/script.scriptapp
The add-on creates and manages an installable onEdit trigger so that alerts fire in real time when cells change. The scriptapp scope is required for the add-on to programmatically install, list, or remove its own triggers (e.g., when the user disables a rule or uninstalls the add-on). No other scripts or projects are accessed.
2.6 auth/script.container.ui
This scope allows the add-on to render its sidebar and dialog UI inside Google Sheets, which is the primary surface where users configure alert rules, view usage statistics, and manage their license.
2.7 auth/script.external_request
When a user configures a webhook channel (Slack, Discord, Telegram, Teams, Google Chat, Larksuite, Zapier, Make, or n8n), the add-on POSTs a JSON payload containing only the alert message (no raw spreadsheet data unless the user explicitly templates it in) to the URL the user provided. We also use this scope to validate Pro license keys against our shop.thodigitals.com endpoint. The list of allowed URLs is restricted by the urlFetchWhitelist in the manifest.
3. "How will your application use Google user data?"
THO Alerts (and our other add-ons) use Google user data exclusively to provide the user-facing features described on the product page: monitoring user-selected spreadsheet ranges, evaluating user-defined conditions, and dispatching alerts to user-configured channels. Data is processed in-memory inside the user's own Google account via Apps Script. We do not transfer spreadsheet contents to our servers; only an OAuth-derived email is sent once during Pro license activation, and only the license key + email tuple is stored on our license server. We do not use Google user data for advertising, machine learning training, profiling, or for any purpose beyond the user-facing features of the add-on.
4. "How does your application store user data?"
The add-on stores its configuration (user-defined alert rules, paused state, recent alert history) inside Google Apps Script PropertiesService — a private key-value store scoped to the user's spreadsheet and Google account. This data is never read by us and is automatically deleted when the user uninstalls the add-on. On our infrastructure (Supabase, hosted on Cloudflare), we store only: order records (email, product, license key), license validation status (active/refunded/transferred), and customer support correspondence. All at-rest data is encrypted and protected by Row Level Security.
5. "How does your application share user data?"
We share user data only with the following sub-processors, each only with the minimum data necessary for their specific function:
- Lemon Squeezy — payment processor and Merchant of Record (receives email + order info to process payment, issue receipts, and handle taxes)
- Supabase — managed Postgres database (stores order + license records under our control, encrypted at rest, RLS-protected)
- Cloudflare — hosting + serverless workers (handles HTTP requests; no persistent storage of user data)
- Resend — transactional email delivery (sends order confirmations and license keys)

We do not sell, rent, or transfer user data to any party for advertising, profiling, or marketing purposes. We do not use any AI or human review on Google user data.
6. "Demo video" link template
Each add-on submission requires a YouTube/Loom demo showing:
- OAuth consent screen with the requested scopes
- Installation flow inside Google Sheets
- End-to-end use of the feature (create rule → trigger alert → see notification arrive)
- Uninstall flow + data deletion
Standard video URL: https://www.youtube.com/watch?v={video_id}
7. Brand verification checklist
- ☐ Logo (PNG, 120×120) uploaded
- ☐ App homepage points to shop.thodigitals.com/{addon-slug}
- ☐ Privacy policy URL: https://shop.thodigitals.com/privacy
- ☐ Terms of service URL: https://shop.thodigitals.com/terms
- ☐ Authorized domain thodigitals.com verified in Google Search Console
- ☐ Support email support@thodigitals.com is monitored
- ☐ OAuth scopes match what the add-on actually requests in appsscript.json
- ☐ Demo video uploaded as Unlisted on the ThoDigitals YouTube channel
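One way to automate the "OAuth scopes match appsscript.json" item before submitting, as an added example that is not ThoDigitals' own tooling: a Node.js check that compares a manifest's `oauthScopes` and `urlFetchWhitelist` with the scopes justified in section 2. The function name `auditManifest`, the sample manifest and the `hooks.example.test` host are constructed for illustration.

```javascript
// Added example: audit an appsscript.json manifest against section 2 of this page.
const SCOPE_PREFIX = 'https://www.googleapis.com/';

// Scopes that have a written justification on this page (sections 2.1 to 2.7).
const JUSTIFIED = [
  'auth/userinfo.email', 'auth/userinfo.profile', 'auth/spreadsheets.currentonly',
  'auth/script.send_mail', 'auth/script.scriptapp', 'auth/script.container.ui',
  'auth/script.external_request',
].map((s) => SCOPE_PREFIX + s);

// Section 2.3: the broad spreadsheets scope must not replace currentonly.
const BROAD = { [SCOPE_PREFIX + 'auth/spreadsheets']: SCOPE_PREFIX + 'auth/spreadsheets.currentonly' };

function auditManifest(manifestJson) {
  const manifest = JSON.parse(manifestJson);
  const requested = manifest.oauthScopes || [];
  const findings = [];
  if (requested.length === 0) findings.push('oauthScopes is missing or empty, nothing to compare');
  for (const scope of requested) {
    if (BROAD[scope]) findings.push(`broad scope ${scope}: use ${BROAD[scope]}`);
    else if (!JUSTIFIED.includes(scope)) findings.push(`no justification on file for ${scope}`);
  }
  // Section 2.7: outbound requests are meant to be limited by urlFetchWhitelist.
  const usesFetch = requested.includes(SCOPE_PREFIX + 'auth/script.external_request');
  const allowlist = manifest.urlFetchWhitelist || [];
  if (usesFetch && allowlist.length === 0) {
    findings.push('script.external_request requested but urlFetchWhitelist is empty');
  }
  for (const prefix of allowlist) {
    let url = null;
    try { url = new URL(prefix); } catch (e) { /* unparseable, reported below */ }
    if (!url || url.protocol !== 'https:') findings.push(`urlFetchWhitelist entry is not an https URL: ${prefix}`);
  }
  // Justifications that no longer apply should be dropped from the submission text.
  const unusedJustifications = JUSTIFIED.filter((s) => !requested.includes(s));
  return { ok: findings.length === 0, findings, unusedJustifications };
}

// Constructed sample manifest (not a real ThoDigitals file).
const SAMPLE = JSON.stringify({
  oauthScopes: ['auth/userinfo.email', 'auth/spreadsheets', 'auth/script.external_request',
    'auth/drive.readonly'].map((s) => SCOPE_PREFIX + s),
  urlFetchWhitelist: ['https://shop.thodigitals.com/', 'http://hooks.example.test/'],
});

console.log(auditManifest(SAMPLE));
```

Run it against the add-on's real `appsscript.json` in CI so a scope added during development cannot reach the consent screen without a matching justification.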
8. Adding a new add-on to the Privacy Policy
Whenever you launch a new add-on, update /privacy:
- Section 2 (Products Covered) — add a new row in the table
- Section 3 (OAuth Scopes) — add a new subsection with the scopes table for that add-on
- Submit the updated privacy URL to Google during OAuth verification