Gmail is running a security audit of all third-party applications to check and verify all apps that have access to Gmail API. Any app that has the capability to access Google user data from or through a server is expected to undergo an independent (3P) security assessment.

Why has my account been disconnected?

Freshsales accesses the Gmail API for connecting the email, calendar, and contacts and has been mandated by Google to undergo a security audit. Freshsales has commenced the security assessment with BishopFox. Hence, users who have connected their Gmail with Freshsales will no longer be able to use Gmail Oauth until the audit is completed successfully.


UPDATE:

17.2.2020:
 

The security assessment of Freshsales is already underway with BishopFox and is under remediation testing. Once this is complete, Freshsales will receive the letter of assessment. Following this we will be listed as a verified app. Post-verification, all issues will be resolved and users will be able to connect mail, calendar, and contact without any issues. 


What can I do?

Until Freshsales is listed as a verified app, users can use an app-specific password to connect their Gmail with Freshsales. Refer to this article to generate an app-specific password.


1. Go to the 'Security' section of your Google account. 



2. Generate an App-specific password for logging in from your device. 


3. Use the password to connect your Gmail with Freshsales. 

Note: 

  • When signed-in using an app-specific password, the calendar and contact-sync functionality will not work.

  • Data already stored in your Freshsales account will not be lost. 

  • Once the issue is sorted, you will have to reconnect your Gmail.


Once the issue is sorted, reconnect your Gmail using the Single sign-on to enable your gmail, calendar and contacts sync. This will retrieve all historical data.