Web Dev Integrating Google Business Reviews - Requires Credentials

Hi there, l'm currently in the process of having my website developed. A friend recommended a freelancer to me.
The website is for my finance business, and it's quite straightforward. I'm also integrating Google reviews for my Google business page.
However, the web developer today informed me that he would require my Google login credentials (email address and password) to set up the integration.

I'm a bit hesitant to share these details with the developer.
Is there an alternative way to proceed? What are the common practices in such situations?

Comments

  • +3

    I expect your Reddit post will get more technical answers (https://www.reddit.com/r/webdev/comments/1h4s8j8/web_dev_int…)

    Summary is I would not be providing my credentials, nor using any third party plugin for WordPress or whatever that requires them.
    If the Dev needs them to setup an API or get an API key, request instructions and obtain them yourself.

    Alternatively, don't just embed random google reviews on your website and instead host actual useful quality content about and made by your business.

  • Like SBOB, I wouldn't been doing an automatic embed of Google Reviews as it could be doing more harm than good. I manually add my reviews and I have done that for other clients as well, it is all manual. Whilst it might seem easier, it may end up costing you business.

    As to why the credentials would be required, that is for authentication for API access. It would be a better solution under your account than giving the DEV access to your GMB profile. If you remove the DEV, then the access and feed through to the site would break.

    A good alternative would be to make a Google account like [email protected] and then give profile access to that, then give the DEV access to that. Its a good way of also providing access to a Marketing Agency should you engage with them in the future. This is what I used to do when I was working at a Marketing Agency. Its seperate and doesn't need the clients direct access plus any other authentication requirements (2FA etc)

Login or Join to leave a comment