How do I request data securely via Google OAuth?

Question

Until recently users of my site were able to import data from Google, via OAuth. However, recently they have received the warning below, in a yellow box, when authorising (although the import still works).

I've also noticed this same warning on Facebook's GMail authenticator!

What's changed / am I missing?

This website is registered with Google to make authorization requests, but has not been configured to send requests securely.

If you grant access but you did not initiate this request at www.foo.com, it may be possible for other users of www.foo.com to access your data. We recommend you deny access unless you are certain that you initiated this request directly with www.foo.com.

(The site is written in Zope/Python, but the step/documentation I'm missing is more important)

Answer 1

Did you try Googling the error message? Doing so took me to this page, which states:

Registered with enhanced security: Registered applications with a security certificate on file can use secure tokens. The Access Request page removes cautions, displaying this message: " Google is not affiliated with , and we recommend that you grant access only if you trust the site."

See their docs, step 4, "Upload a security certificate" for more details.