Authentication & Security
Understanding how GMBMantra securely connects to your Google Business Profile
Security First
GMBMantra takes your data security seriously. We use Google's official OAuth2 authentication system, which means your Google credentials are never stored or seen by our systems.
OAuth2 Standard
Industry-standard authentication protocol
No Password Storage
Your Google password never leaves Google's servers
Revocable Access
You can revoke access anytime from Google settings
How Authentication Works
Redirect to Google
When you click "Connect", you're redirected to Google's secure login page
Grant Permissions
You review and approve the specific permissions GMBMantra needs
Secure Token Exchange
Google provides GMBMantra with a secure access token (not your password)
Access Established
GMBMantra can now securely access your business data on your behalf
Required Permissions
GMBMantra requests only the minimum permissions necessary to provide our services:
Google Business Profile Management
Read and manage your Google Business Profile locations, reviews, posts, and performance data.
Basic Profile Information
Access to your Google account email and basic profile information.
Managing Your Connection
Refreshing Access
If you experience connection issues, you can refresh your authentication:
- • Go to Settings → Account
- • Click "Refresh Google Connection"
- • Re-authorize when prompted
- • Your data and settings remain intact
Revoking Access
You can revoke GMBMantra's access at any time:
- • Visit your Google Account permissions
- • Find "GMBMantra" in connected apps
- • Click "Remove Access"
- • Or disconnect from GMBMantra settings
Security Best Practices
Account Security
- Use strong passwords for your Google account
- Enable two-factor authentication on Google
- Regularly review connected applications
- Log out of shared computers
Business Protection
- Only grant access to trusted team members
- Monitor account activity regularly
- Use business Google accounts when possible
- Keep business information updated
Authentication Troubleshooting
Access Denied Errors
- • Ensure you're using the correct Google account that manages your business
- • Verify you have owner or manager permissions in Google Business Profile
- • Check that your business locations are verified and published
- • Try clearing browser cookies and cache before reconnecting
Connection Timeout
- • Check your internet connection stability
- • Disable VPN or proxy services temporarily
- • Try using a different browser (Chrome recommended)
- • Contact support if issues persist
Permission Scope Issues
- • Ensure you grant all requested permissions during setup
- • Don't partially approve the permission request
- • If you denied permissions initially, revoke and re-grant access
- • Check Google Account settings for connected applications
Data Privacy & Usage
What Data We Access
- • Business location information (address, hours, contact details)
- • Customer reviews and ratings
- • Performance metrics (impressions, actions, search data)
- • Business posts and updates
- • Basic Google account information (email, name)
How We Use Your Data
- • Generate performance analytics and insights
- • Provide AI-powered recommendations
- • Create automated reports and notifications
- • Enable review management features
- • Support multi-location comparison tools
Data Protection
- • All data is encrypted in transit and at rest
- • No data is shared with third parties
- • Regular security audits and monitoring
- • Compliance with GDPR and privacy regulations
- • You can request data deletion at any time
Access Token Management
GMBMantra uses secure access tokens to communicate with Google's APIs on your behalf.
Automatic Renewal
- • Tokens are automatically refreshed as needed
- • No action required from you
- • Seamless background operation
- • Continuous data synchronization
When Renewal Fails
- • You'll be notified to re-authenticate
- • Simply reconnect your Google account
- • All your settings and data remain intact
- • Normal operations resume immediately