Remove This Application Was Created By A Google Apps Script User ◎
To prevent this, Google forces a sandboxed environment ( IFRAME ) for Apps Script web deployments. The banner is injected outside of your HTML code’s scope. It serves as a visual indicator that the script developer—not Google—is responsible for the application's content and data handling practices. The Myth of the CSS and JavaScript "Fix"
Some developers use browser-based tools to hide the banner on their own screens, but these .
Google will email you with questions or approval. Once approved, your OAuth consent screen will show a checkmark (“Verified”). Your users will then see a clean permission dialog without the “created by a Google Apps Script user” warning.
The message "" is a mandatory security banner displayed by Google on web apps created with Google Apps Script. It is designed to alert users that the application was not created by Google and may request sensitive permissions. To prevent this, Google forces a sandboxed environment
Instead of rendering HTML via the doGet() function using HtmlService , you return data using ContentService . Step 1: Set up the Apps Script Backend
, the banner is often suppressed. For this to work, you must set the X-Frame-Options in your Apps Script code to allow embedding: javascript HtmlService.createHtmlOutputFromFile(
Ensure your script project is tied to a account rather than a free @gmail.com personal account. Open your script editor at Google Script Projects . Click Deploy > New Deployment . Select Web App as the deployment type. The Myth of the CSS and JavaScript "Fix"
A verified status is more than just the absence of a warning; it's a badge of trust. When your app goes through Google's verification process, it assures users that your application is non-malicious and that Google has reviewed its data access practices. This can significantly increase user adoption and confidence in your product.
In this article, we will explore exactly why this message appears, the different contexts in which it shows up, and the step-by-step methods to remove it—from simple workarounds to full Google Cloud verification.
The short answer is . The banner is injected by Google's infrastructure outside your script's control. Even with Google Workspace (formerly G Suite) paid accounts, there's no official setting to disable this warning banner entirely. According to Google's Issue Tracker, this is a known behavior that Google hasn't provided a solution for. Your users will then see a clean permission
The banner version you see in web apps is a distinct measure from the "unverified app" screen that appears during the OAuth consent flow, though both stem from the same underlying security philosophy. The OAuth screen is more severe, requiring users to click through a warning before granting permissions.
| Use Case | Recommended Method | Effort | |----------|--------------------|--------| | Internal company tool | Google Sites embedding | Low | | Public customer-facing web app | HTML proxy + custom domain | Medium | | Google Workspace integrated tool | Marketplace add-on | High | | One-time demo | Accept the footer | None |