I'm developing a Chrome Extension (non-commercial, open-source) that extracts information from Gmail messages and creates Google Calendar events.
To avoid the “This app is unverified” warning, I'm trying to complete the OAuth app verification process with Google. The only sensitive scope I’m requesting is:
https://www.googleapis.com/auth/calendar However, the verification process requires me to provide:
A homepage URL, and A Privacy Policy URL
Both hosted on a domain I own and have verified in Google Search Console, as described in this official guide: 👉 Google OAuth Verification Requirements
As an independent developer building this for free (with no monetization plans), I really don’t want to pay for a domain name just to host a homepage and privacy policy.
🧩 My questions: Is there any way to complete OAuth app verification without buying a custom domain?
Is it possible to use GitHub Pages or Firebase Hosting with their default domains (e.g. yourproject.web.app) and have them accepted by Google?
If not — is there a recommended workaround for small, non-commercial projects like mine?
Thanks in advance 🙏 Any help from fellow devs who went through this process would be really appreciated.