This feature is no longer something that is in the future. After the development was completed, we had to apply to Google for them to verify our API setup (specifically the Consent Screen you see during the Oauth2 authentication process). When they approved it on 19 Sep 2023, this capability started working for everyone.
How to use this feature is shown in a video tutorial on our tutorials page titled GSC site ownership verification.
Transcript
I just want to give you an update on something I’m doing relative to verifying ownership of sites within the platform.
The way I’ve done it is somewhat controversial because you need to be able to apply an html tag to a page so that the software can go to the page find the tag and verify the site.
So two changes are happening relatively soon.
In a LinkedIn exchange with a new member of the community I came to question a design
decision I had made previously which is while the authentication code and the html authentication tags were applied to a site, so therefore every page on a given site
had the same html tag, you were still verifying ownership of pages one at a time.
Aand it finally occurred to me… why does that even make sense.
You’re not verifying the page you’re verifying the site.
So very soon, maybe even as early as tonight, I’m going to be pushing into production an update where if you verify ownership of a page on a site it verifies ownership of every page on the site, because that just makes sense.
This however, is another change to the site verification that I just want to show you real quick.
So this is a test page on my development system.
When you see it in production it’s not going to look like this at all.
In fact you won’t even see this stuff.
So someone at an agency said to me quite a while ago… well we can’t edit the pages on the sites but we have access to the Google search console properties.
So why can’t you use the fact that we have access to a Google search console property as verification that we have, quote unquote ownership of the site.
So that’s what this is.
I’m going to do this real quick.
I’ll explain in a minute what’s going on but…
I’m going to pick this Google account for purposes of authentication so the Google search console properties that this Google account has access to are being checked now.
This here is part of the authentication protocol handshake.
It’s called OAuth2 and it’s a… really it’s a little more involved than I realized when I started coding it…
But basically the website makes a call to a specific web page, the Google service sends back a code in the URL
You then send the code back.
You get an access token and then you use the access token.
It’s good for about five minutes it seems.
And you use the access token to then say I would like the following information.
And this is independent of Gmail, Google Calendar, Google Analytics, Google Search Console…
They all use the OAuth 2 authentication protocol.
So anyway…
What you can see is this is the URL that was used for purposes of this demonstration.
I stripped off the domain so this is the site that was submitted and even though this says sc dash domain rather than https, it’s a match.
The sc dash domain is the domain properties in Google search console.
So in Google search console there are now domain properties and URL properties.
So if you were given access to a URL property of https or http colon slash slash domain name or if you were given access to a Google Search Console domain property, which
doesn’t have the http or the https…
And they represent it like this…
Either of those is a match.
So anyway I’m going to be implementing this in production relatively soon.
I mean, it’s you know, the core functionality is developed obviously, but I’ve got to knit it into
the content page so that you can actually make use of it.
Then we have to test it and blah blah blah.
But anyway, I just want to let you know that that is a very reasonable request that was made
by two people and it’s going to happen.