/
How do I identify the publisher of a third-party integration?
Most of the time, the publisher of a third-party integration will be obvious when looking at the Third-party integrations page in the Push admin console.
However, some software providers may not have planned for integration names or details to be visible in a tool like Push, and you may occasionally see a generic integration name like “User Login.”
Finding details on Microsoft integrations
Microsoft integrations provide reply URLs, which give more information about the domain of the publisher. You can find the reply URL when you click on an integration for more details.
Note that if an integration has more than one reply URL, you should examine each one carefully.
Some publishers may use multiple reply URLs for legitimate purposes, such as testing. However, these callback domains are not verified by Microsoft or Google, and only one domain needs to be owned by the publisher, so nefarious publishers may use multiple domains to try to appear legitimate — a recognizable one and one they actually own and use as the callback domain.
Finding details on Google integrations
Google does not supply a source for identifying reply URLs, however, if Google has verified an app, that means it has verified ownership of the domains as part of its brand verification process.
You can often get more information about an app — such as the homepage of the publisher, the support email address, and the terms of service — by performing a command line request using cURL to Google Cloud.
You’ll need to find the project ID and insert that into the cURL in the command, e.g. brand/[project ID number].
% curl -H "Origin: https://console.cloud.google.com" "https://clientauthconfig.googleapis.com/v1/brands/lookupkey/brand/12345678910?readMask=*&readOptions.staleness=0.02s&returnDeveloperBrand=true&returnDisabledBrands=true&key=AIzaSyCI-zsRP85UVOi0DjtiCwWBwQ1djDy741g"You can find the project ID in the metadata section of the integration details pane in the Push admin console. It will be the first number of the App ID, preceding the hyphen.
A sample output from the cURL command looks like this:
% curl -H "Origin: https://console.cloud.google.com" "https://clientauthconfig.googleapis.com/v1/brands/lookupkey/brand/19570130570?readMask=*&readOptions.staleness=0.02s&returnDeveloperBrand=true&returnDisabledBrands=true&key=AIzaSyCI-zsRP85UVOi0DjtiCwWBwQ1djDy741g"
{
"brandId": "19570130570",
"projectNumbers": [
"19570130570"
],
"displayName": "Slack",
"iconUrl": "https://lh3.googleusercontent.com/J5SGBWHMF0_vgcIekl1hEhJ1-_p_zsG3L0i1s_bU2bK_TiSLObT7kK1Le9tnme1h3zA",
"supportEmail": "help@slack-corp.com",
"homePageUrl": "http://slack.com/",
"termsOfServiceUrls": [
"https://slack.com/terms-of-service"
],
"privacyPolicyUrls": [
"https://slack.com/privacy-policy"
],
"brandState": {
"limits": {
"defaultMaxClientCount": 36
}
},
"verifiedBrand": {
"displayName": {
"value": "Slack",
"reason": "APPEALED"
},
"storedIconUrl": {
"value": "https://lh3.googleusercontent.com/J5SGBWHMF0_vgcIekl1hEhJ1-_p_zsG3L0i1s_bU2bK_TiSLObT7kK1Le9tnme1h3zA",
"reason": "APPEALED"
},
"supportEmail": {
"value": "help@slack-corp.com",
"reason": "APPEALED"
},
"homePageUrl": {
"value": "http://slack.com/",
"reason": "APPEALED"
},
"privacyPolicyUrl": {
"value": "https://slack.com/privacy-policy",
"reason": "APPEALED"
},
"termsOfServiceUrl": {
"value": "https://slack.com/terms-of-service",
"reason": "APPEALED"
}
},
"storedIconUrl": "https://lh3.googleusercontent.com/J5SGBWHMF0_vgcIekl1hEhJ1-_p_zsG3L0i1s_bU2bK_TiSLObT7kK1Le9tnme1h3zA",
"consistencyToken": "2020-12-04T13:12:40.648327Z"
}If after investigating further, you do not recognize or trust the integration, you can remove it.