Can someone advise…
If I use this plugin, do I still need to go through a security audit with Google?
I have this idea for a Bubble app that would check users’ incoming emails, with their permission. It would only require access to email headers, not bodies, so would come under the “metadata” scope, nothing more. Nevertheless, the “metadata” scope still sits in the “Restricted” range, which needs some sort of security process with Google.
Needless to say, I won’t be paying Google $15,000 to $75,000.
I’m interested in building it, but wouldn’t want to waste my time on something that can’t go anywhere.
I think I might have read that your app includes the “metadata” scope but goes beyond that, which may cause Google additional suspicions.
Is there any documented case of Google successfully passing an app created with this plugin through a security audit?
Thanks!