Remove This Application Was Created By A Google Apps Script User -

How to Remove the "This application was created by a Google Apps Script user" Header

If you have ever built a web app using Google Apps Script (GAS), you have likely encountered the persistent gray banner at the top of the page that reads: "This application was created by a Google Apps Script user."

While Google includes this for security and transparency—to ensure users know they aren't interacting with an official Google product—it can be a major eyesore for developers trying to create a professional, branded experience.

In this guide, we will explore the reality of this disclaimer and the best ways to work around it. Can You Directly Remove the Banner?

The short answer is no. There is no "off switch" in the Google Apps Script settings to hide this banner.

Because the web app is hosted on the ://google.com domain, Google injects this iframe header as a security measure to prevent phishing and spoofing. Even with a Google Workspace (formerly G Suite) Business or Enterprise account, the banner remains.

However, depending on your technical skills and how you intend to share the app, there are three primary workarounds. Method 1: Embedding the Web App in an Iframe

The most common way to "mask" the Apps Script environment is to embed your Google Apps Script URL into your own personal or business website.

Deploy your Script: In the Apps Script editor, click Deploy > New Deployment. Select Web App and set "Who has access" to Anyone. Copy the Web App URL: It will look like https://google.com.

Embed on your Site: Use the following HTML code on your own website:

Use code with caution.

The Result: While the banner still technically exists inside the iframe, it stays contained within that frame. If you style your website correctly, the banner feels less like a "system warning" and more like a small footer or header element within a specific window. Method 2: Using a Custom Domain with a Proxy (Advanced) How to Remove the "This application was created

If you want to completely strip the banner, you cannot host the app on Google’s servers directly. Instead, you can use a "proxy" or a middle-man server.

Using a service like Cloudflare Workers or a simple Node.js/Express server, you can fetch the HTML content from your Google Apps Script, strip out the Google-injected header tags, and serve the cleaned HTML on your own custom domain. Pros: Complete removal of the banner; professional URL.

Cons: Requires significant coding knowledge; may violate Google’s Terms of Service regarding masking the origin of the script.

Method 3: Switching to Google Cloud Run (The Professional Path)

If the "Created by a Google Apps Script user" banner is a dealbreaker for a professional project, it may be time to move beyond Apps Script.

Google Apps Script is designed for quick internal tools. For client-facing applications, developers often migrate their logic to Google Cloud Run or Firebase Hosting.

Cloud Run: Allows you to run code in any language (Python, Node.js, Go) without any forced headers.

No Disclaimers: Since you are hosting the environment, Google does not inject any security banners. Why Does Google Put It There?

It is important to remember why this exists. Google Apps Script allows anyone to write code that can access Google Drive, Gmail, and Calendar data. Without that banner, a malicious actor could easily build a fake "Google Login" page that looks identical to a real one. The banner serves as a "Proceed with Caution" sign for the end-user.

To summarize your options for dealing with the "This application was created by a Google Apps Script user" message:

Accept it: For internal company tools, it is rarely an issue. Step 1: Create a Google Cloud Project (GCP)

Iframe it: Embed it into your own site to make it feel like part of a larger dashboard.

Migrate: If branding is paramount, move your project to a dedicated hosting platform like Firebase or Vercel.

By understanding these limitations, you can better plan your project's user experience from the start.

Removing the "This application was created by a Google Apps Script user" banner is a common goal for developers looking to create a more professional-looking web app. This banner is a security feature by Google to alert users that the application was not created by Google itself.

While there is no single "off" switch in the settings for free accounts, you can use these methods to hide or remove it: 1. Embed the Web App in Google Sites

The most effective "native" workaround is to embed your Google Apps Script web app into a Google Sites page.

When a web app is viewed through an embedded frame on a Google Site, the banner is typically suppressed for visitors.

This is the preferred method if you want a professional presentation without requiring users to install anything. 2. Verify Your Project with Google Cloud (GCP)

For a permanent and official solution, you must associate your script with a standard Google Cloud Project and go through the OAuth verification process.

Create a GCP Project: Link your script to a new project in the Google Cloud Console.

Verification: Submit your app for verification. Once Google verifies you as a "verified publisher," the banner is removed for all users. Open your Apps Script project

Note: This process can be technical and may take several weeks to complete. 3. Use within a Workspace Domain

If you are part of a Google Workspace (formerly G Suite) organization:

The banner is generally not shown to other users within the same domain as the script owner.

For users outside your domain, the verification process (Method 2) is still required to remove the warning. 4. Client-Side Browser Extensions (Personal Use)

If you only want to hide the banner for yourself or a specific set of users, you can use browser-based tools: Google Apps Script remove warning banner - Stack Overflow

Here’s a full guide you can use to remove the message “This application was created by a Google Apps Script user” from a Google Apps Script web app.

Step 1: Create a Google Cloud Project (GCP) for your script

By default, Apps Script uses a hidden default GCP project. To control trust settings, you must switch to a standard GCP project.

Open your Apps Script project.
Click on the gear icon (Project Settings).
Under “Google Cloud Platform (GCP) Project,” click “Change project.”
Enter your GCP project number (create one for free at console.cloud.google.com).

Final verdict

| Situation | Can you remove the line? | |-----------|----------------------------| | Unverified external app | ❌ No | | Internal Workspace app | ⚠️ Changes to domain name | | Verified public app | ✅ Yes (replaced with your name) |

If you just want a clean user experience for a small tool, consider making the app internal or hosting it on another platform (e.g., Glide, Bubble, or a simple Node.js server).

The banner "This application was created by a Google Apps Script user" is a built-in security disclaimer designed by Google to warn users that the application has not been verified by Google and may be untrustworthy. Direct Solutions

There is no single "off" switch in the script settings, but you can remove or hide it using these methods:

Embed in Google Sites: The most reliable official method is to embed your web app URL into a Google Site. When viewed through the Google Sites interface, the banner is typically suppressed.

Self-Hosting via Iframe: You can host a simple HTML file on your own domain (e.g., via GitHub Pages) and embed the Apps Script URL within an </code>. While the banner may still technically exist within the frame, it is isolated from your main site's branding. Google Workspace Accounts: For internal apps, the banner is often not shown to users who are part of the same Google Workspace domain as the script owner. Why the Banner Exists Security & Phishing Prevention: Google uses this banner to prevent malicious actors from creating fake login pages or data-collection forms that look like official Google products. Verification Status: The banner appears for scripts that have not undergone the formal <a href="https://support.google.com/googleapi/answer/6158841?hl=en">Google Workspace Add-on verification process</a>. Even with a verified brand, simple web apps may still trigger it if they are not published as official Add-ons. Limitations and Technical Challenges CSS/JavaScript Blocking: You cannot hide the banner by adding CSS like <code>display: none</code> directly to your Apps Script HTML file. Google hosts the banner in a parent frame with a different origin, and browser security policies (<a href="https://stackoverflow.com/questions/33635284/google-apps-script-remove-warning-banner">Same-Origin Policy</a>) prevent your script from interacting with or hiding elements in that parent frame. Browser Extensions: While browser extensions can hide the banner locally for a specific user, this will not remove it for external clients or visitors to your web app. Executive Recommendation For a professional, "white-label" experience: Use a Google Workspace Business or Education account to host the script for internal users. For public-facing apps, embed the script into a parent website or Google Site to mask the standard Apps Script header. Ensure your script is associated with a <a href="https://developers.google.com/apps-script/guides/projects">Standard Google Cloud Project</a> rather than a default project to improve brand credibility. Are you building this app for internal team use or for external clients? Based on your request, it sounds like you are either trying to remove a specific "Paper" application from your Google environment, or you are trying to stop a script that is automatically creating documents or emails with that subject line. Here is a guide on how to troubleshoot and remove this, depending on what exactly you are seeing. <h3>Step 3: Publish the app as “Trusted”</h3> When your script uses an Internal OAuth consent screen, Google Workspace users in your domain will no longer see the scary warning. Instead, they will see a standard OAuth permission dialog without the “unverified app” message. Limitation: This only works if every user is in the same Google Workspace domain as the developer. External users will still see the full warning. <hr> <h3>4.2 HTML Proxy with Domain Masking</h3> This method removes the visible footer by masking the GAS URL behind your own domain using a reverse proxy. How it works: <ul> <li>Your custom domain (e.g., <code>app.yourcompany.com</code>) points to a lightweight proxy server (NGINX, Apache, or a Cloud Function).</li> <li>The proxy fetches content from <code>script.google.com/macros/s/.../exec</code>, rewrites HTML to strip the footer element, and serves the modified page.</li> </ul> Example NGINX configuration: <pre><code class="language-nginx">location / proxy_pass https://script.google.com/macros/s/AKfycb.../exec; proxy_set_header Host script.google.com; sub_filter '<div class="footer-branding">' '</div>'; sub_filter_once off; proxy_ssl_server_name on; </code></pre> Advantages: <ul> <li>Full branding control.</li> <li>No Google attribution visible.</li> </ul> Disadvantages: <ul> <li>Requires a VPS or cloud proxy (e.g., Google Cloud Run, AWS Lambda).</li> <li>Adds latency.</li> <li>Must respect Google’s <code>robots.txt</code> and rate limits.</li> </ul>