Failing to set up Google Photos.

Are the docs just outdated, or did I do something wrong. Is it really this hard to set this up?

Let me answer this first. No, the docs are not outdated – I just ran through all the screens. Apart from a few GUI placement differences, the flow and fields are materially the same. And yes, Google Photos is a lot harder to set up than any other platform (something that I have mentioned in multiple places including the “FAQ” section of the plugin page, as well as the documentation for Google.

Now for your other questions:

?I don’t know if this makes a difference, but the Google Photos album is hosted in a G-Suite non-profit workspace.

It probably does make a difference, but I cannot say for sure since I don’t have a G-Suite account. However, IIRC, the differences are more in terms of internal and external domains.

In any case, the first thing was that there was no way to enter the redirect URIs that the docs said are so important. Maybe if you used “desktop 1” as the type you don’t need it?

Correct – the Desktop client doesn’t need Redirect URIs. I could have made this more explicit in the documentation, however I do list Redirect URIs only under the Web Application option.

There there was the need for a URL to a privacy policy and a URL for Terms of Service.

On the consent screen set up there was a place to upload an icon, which I did, but apparently that also meant I had to get some kind of manual verification, so I removed the icon again.

These are in the Verification section of your OAuth consent screen. Considering that you are the only one using the app you are setting up, you can forgo this step. In the app setup, if you click on the link that says “What if I don’t verify my app?” on the right, you will see this:

Your app will be identified to users by its redirect location or other client data.

Users of unverified apps or your test builds will see an unverified app warning  based on the OAuth scopes in the authorisation request. This warning is to protect users and their data from deceptive applications.

As you are the only user performing authentication with this, it doesn’t matter, as you will see the warning during signing in. See this part of the documentation.

The enabled API list also is different. There are a bunch there but none of them say whether they are enabled or disabled like the docs show. If I click into them they seem to be all enabled, which seems wrong.

The UI has changed a bit here, as that section is only showing you enabled services. However, you should still see the button “+ Enable APIs and Services”, if you are not not already seeing the Photos Library API.

Apparently the Desktop App didn’t work for me. I got:

Access blocked: This app’s request is invalid
You can’t sign in because this app sent an invalid request. You can try again later, or contact the developer about this issue.
If you are a developer of this app, see error details.
Error 400: redirect_uri_mismatch

I’ll try the web app.

After setting up the client ID according to the instructions, it says:
“First, make sure that the “Redirect URIs” listed under?Photonic → Settings → Google Photos → Google Photos Settings → Google Client ID?are present in your API Key settings in Google’s API Console. Instructions are provided above.” However, there is nothing above that talks about setting up API Keys. The screen shots shows a section with API Keys, but nothing talks about creating them.

API Key = Client ID. Google itself uses the terms interchangeably. There is a full section in the documentation that shows how to create them.

However, that comment was about adding a Redirect URI to the API Key. That is documented in point 7b.