Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hi everyone, I'm wondering whether anyone has had the following issue.
I have a website which integrates with Kratos and I've setup Google login which works fine in a browser.
However when the website is opened through the instagram app I get the following error from Google.

```Access blocked: website's request does not comply with Google's policies.
Website's request does not comply with Google's 'Use secure browser' policy. If this app has a website, you can open a web browser and try signing in from there. 
You can also contact the developer to let them know that their app must comply with Google's 'Use secure browsers' policy
Error 403: disallowed_useragent```

`disallowed_useragent` tells me that the browser Instagram uses to open pages _within the app_ is not secure enough for Google to allow signing in through it. It's Google's policy

I believe best you can do is detect the Instagram browser yourself and ask users to open the website in their standalone browser

I've been looking around it seem like this is the best option. I was hoping there would be a smoother solution