Apps that access restricted scopes are required to complete a security assessment every 12 months. This 12-month period is calculated from the effective date of the app's previous "Letter of Validation" (LOV).
The OAuth verification team will contact you via email once it’s time for your app to reverify. Keeping your Project Owner and Editor information up-to-date in your Cloud Project Console will ensure the right members of your team are notified of this annual re verification.
How do I prepare for my annual CASA security reassessment ?
- The OAuth verification team will contact you to start the recertification process.
- We will email you instruction on how to complete a CASA security assessment as per the revalidation requirements of CASA framework and receive a renewed "Letter of Validation".
- We require the annual CASA security reassessment to be a comprehensive test of your app, regardless of any changes made to the app.