(Packaged Chrome App) chrome.identity.getAuthToken requires "key" in the manifest.json

Question

Struggling with a conflict between my development environment and the the Chrome Web Store.

Basically, I have a feature in my app whereby a user can log into the app using their Google+ account and everything works locally with a "key" value set in the manifest.json however the Chrome Web Store prevents any app from being uploaded with this "key" in the manifest.json.

If I remove the "key" entry from the manifest then chrome.identity.getAuthToken no longer works.

Does anyone have any clue as to how I can keep the getAuthToken function working without the "key"?

Answer 1

It turns out that chrome.identity.getAuthToken was still working however when trying to use the app from the Chrome Web Store, there seemed to be some sort of cache that rendered the previous version of the app which cleared after completely removing the app and re-installing it.

To conclude, you need not (and can not) use the "key" value in the manifest.json for the deployment to the Chrome Web Store however you do need it to run locally so two versions of the manifest.json need to be used; one for each environment.

Answer 2

The key is based on the RSA key that verifies that your app is authentic. Chrome Web Store inserts it in your app after you upload it. Here's an existing Stack Overflow answer that explains it.