Google shuts down Chrome Sync for third-party browsers on Android
If you are using a third-party web browser on your Android device and Google Sync, you may have noticed that syncing stopped working all of a sudden.
Quite a few browsers are based on Chromium, the open source part of Chrome. This is efficient for developers, as they don't have to concentrate on core features such as getting page rendering right or ensuring support for new web technologies, but can concentrate on other areas to distinguish the browser from Chrome, Chromium, and third-party browsers based on Chromium.
Android Police reports that Google has shut down access to Chrome Sync for third-party web browsers on Android. The change affects even Chromium itself, which Google sees as a third-party browser when it comes to Chrome's sync functionality.
Developers filed a bug on January 3, and a Google developer gave the following response on January 24:
We locked down access to chromesync scoped refresh tokens to address a security vulnerability. When we did so, we knew that this may break some 3P browsers which made use of chromesync scoped refresh tokens to leverage Chrome Sync for their users.
Chrome Sync has never officially been supported for 3P browsers. We do not intend to create a solution by which 3P browsers can whitelist themsleves or their users so that they can get chromesync scoped refresh tokens. Note that Chromium for Android is technically considered a 3P browser.
Marking as WontFix, accordingly.
The Google developer mentioned that access was locked down due to a security vulnerability, and that access to the Sync API was never supported officially.
Chrome Sync may still work on some devices, as refresh tokens may still be available. This will change eventually, and new users and those that set up a browser anew will notice that sync is no longer working
You can verify the state of Chrome Sync on your Android device by loading chrome://sync-internals in the mobile browser's address bar.
Check the credentials listing to see if a token has been received, and the server connection under local state. While you may still see a token -- if it was received before Google made the change -- new users will see n/a under received token and an auth error under server connection.
There is nothing that you can do about it. Google stated already that it won't enable sync access for third-party Android clients again, and that there won't be a whitelist as well. Clients may add their own sync functionality, or if available, third-party sync to their browsers.Advertisement