As of October 23, 2023, Google has made updates so that students under 18 won't be able to access third-party apps unless they have been approved by your school. This can impact students' ability to sign in to TechSmart via Google Single Sign-On (SSO).
To ensure sure your students can sign in and use TechSmart, an IT administrator will need to give the TechSmart app Limited Access in the Google Admin console. They will need to add TechSmart as a Configured App, and Change Access to allow it Limited Access to any student organizational units that need it.
These are Google's instructions for adding a new app:
Add a new app
In App access control, click Manage Third-Party App Access.
For Configured apps, click Add app.
Choose OAuth App Name or Client ID (select this option to later allowlist the app from API exemption), Android, or IOS.
Enter the app's name or client ID, then click Search.
Point to the app and click Select.
Check the boxes for the client IDs that you want to configure, then click Select.
Select who to configure access for:
By default, the top organizational unit is selected. Leave this selected to set access for all users in your organization.
To configure access for specific organizational units, click Select org units, then click + to view your organizational units. Check the desired organizational units, then click Select.
Click Continue.
Choose an option:
Trusted—Can access all Google services (both restricted and unrestricted).
(Optional) To have the selected apps maintain API access to Google Workspace services even when those services have Context-Aware Access policies that apply to API access, select Allowlist for exemption from API access blocks in context-aware access. This option is only selectable for web, Android, or iOS apps added using OAuth client IDs. Selecting this option will not automatically exempt the app from API access blocks. You also need to exempt the app during Context-Aware Access level assignments. This allowlist applies only for the organizational units you specify in step 7.
Limited—Can only access unrestricted Google services.
Specific Google data—Can request data access only to scopes that you specify when configuring the app.
Note: You must include the Google Sign-in scopes required by the app to allow users to sign in with their Google Account.
Blocked—Can't access any Google service.
If you add an app for devices to an allowlist and also block that same app using API controls, the app is blocked. Blocking the app using API controls overrides the placement on the allowlist.
Review settings for the new app, then click Finish.
Users are prompted to consent to add web apps. You can bypass the consent screen in the Google Workspace Marketplace (for approved apps only) through domain installation.
If you don’t use Google SSO to log in to TechSmart, this will not impact you or your students.
Please reach out to our team if you have any questions.