Create or select a project for verification
For your app to access and use Google OAuth APIs, it must have a corresponding Google Cloud project. A cloud project allows you to identify your app with Google and set up the configurations needed for your app to access Google APIs.
- If you do not already have a Google Cloud project for your app, you need to create one.
- If you have an existing project for your app, select that project and follow the instructions below.
Enable “APIs & Services” for your app
Before you can add any Google product API scopes to your project, the respective APIs must be enabled through the API Console. When enabling a Google product API, be sure to read and understand the corresponding API documentation.
To enable an API for your project:
- Open the API Library in the Google API Console.
- If prompted, select a project, or create a new one.
- The API Library lists all available APIs, grouped by product family and popularity. If the API you want to enable isn't visible in the list, use search to find it, or click View All in the product family it belongs to.
- Select the API you want to enable, then click the Enable button.
- If prompted, enable billing.
- If prompted, read and accept the API's Terms of Service.
Set up OAuth Consent Screen
To set up the OAuth Consent Screen for your project:
- Open the Google API console
- Navigate to "OAuth Consent Screen"
Note that the path to the OAuth Consent Screen Configuration differs depending on whether you are creating a new app or editing an existing app.
- If you are editing an existing app, select "Edit App". Complete the following screens, selecting "Save and Continue" to proceed to the next screen.
- If you are configuring a new app, you will not see the “Edit App” button because you are configuring the screen for the first time. Complete the following screens, selecting "Save and Continue" to proceed to the next screen.
Details about different components on the OAuth Consent Screen
The OAuth Consent Screen tells users which app is requesting access to their data and what kind of data (scopes) the app needs. To begin setting up the consent screen, complete the following details on OAuth Consent Screen Configuration. Click “Save and Continue” on each page to move to the next page or step.
| Fields | Detailed Description |
| --- | --- |
| User type | External: Apps configured with a user type of External are available to any user with a Google Account. Your app will start in the "test mode" and will only be available to users you add to the "test users" list. It is a recommended best practice to have separate cloud projects for development/testing and production/publishing. Once your app is ready for release (publication), create and configure a separate "production" Google Cloud project. You may need to verify your production project (see verification requirements section) before it is available to external users. Internal: Use this designation if your app is for use only by users in your organization. This option is only available for apps created under a Google Workspace Organization. You will not need to submit your app for verification. Learn more here. This field only appears when you create a new app for the first time. |
| App name | This is the name of the app that appears on the user's consent screen. |
| User support email | This should be the email address where the user can reach out for support. |
| App logo | This is the logo of the app you want to display on the user consent screen. |
| App home page | Link to app home page. See homepage requirements. |
| App privacy policy | Link to app's privacy policy. See privacy policy requirements. |
| App ToS | Link to the app's Terms of Service. |
| Authorized domains | Add authorized domains. See authorized domains requirements. |
| Developer contact information | Contact information that Google can use to contact you and others about the app. It is critical to always have this information up-to-date so you can receive important updates regarding your project and app. |
| Scopes | Expresses the permission you request users to authorize for your app and allows your app to access specific private user data from their Google account. |
| Add test users | This functionality is available only to apps which are still in the “test” phase. This is not available to apps that have been “published” to the “production” state. In this step, add user accounts you want to use to test your app during active development and before submitting for verification. |
| Optional info | This section allows you to provide more details for your app that may help with the verification process. |
| Summary | Summary provides you a one page view of all the details entered for your app, including the list of scopes that have been added to your app. |
Create client credentials
Any app using OAuth 2.0 to access Google APIs must possess credentials that identify and authenticate the app to Google's OAuth 2.0 server. To learn how to generate credentials for your project, choose the type of app for which you want to create client credentials.
Prepare and submit for verification
- Publish your app to production.
- Apps in development, testing or staging are not applicable for verification.
- Once your app is ready for verification, publish your app from “testing” to “production” by clicking on the “Publish App” button.
- Once your app is published to production, click “Prepare for Verification” to proceed to submit your app for verification.
- On the next page you will be presented with all the information you have configured for your app. Read through it to make sure all details are correct and up-to-date, then click “Save and Continue”.
- Scope Justification: If your app is requesting any sensitive or restricted scopes, you will need to explain how your app will use these scopes.
- Demo Video: Provide a video that demonstrates the functionality, the OAuth flow of the app and shows how the scopes are being used. See the requirements to know how to provide an effective demo video.
- In the final step, click on “Submit for Verification” to begin the app review process. Once your app is submitted for verification, the OAuth review team will review all the submitted details.
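A pre-submission check over the consent screen fields and verification steps above, as an added example (not Google tooling and not code from this page). The dictionary layout and key names are hypothetical, the sample values are constructed, and the rule that app links must sit under an authorized domain is an assumption taken from Google's authorized domains requirements.

```python
from urllib.parse import urlsplit

# Hypothetical key names mirroring the consent screen fields described above.
REQUIRED = ("app_name", "user_support_email", "developer_contact",
            "home_page", "privacy_policy")
LINKS = ("home_page", "privacy_policy", "terms_of_service")

def under_authorized_domain(url, domains):
    """True if the URL host equals an authorized domain or is a subdomain of it."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    # Compare on a dot boundary so "notexample.com" does not pass for "example.com".
    return any(host == d or host.endswith("." + d)
               for d in (x.lower() for x in domains))

def preflight(cfg):
    """Return the problems to fix before clicking "Submit for Verification"."""
    problems = [f"missing field: {k}" for k in REQUIRED if not cfg.get(k)]
    if cfg.get("publishing_status") != "production":
        problems.append("app is not published to production")
    for key in LINKS:
        url = cfg.get(key)
        if url and not under_authorized_domain(url, cfg.get("authorized_domains", [])):
            problems.append(f"{key}: link is not under an authorized domain")
    for scope in cfg.get("scopes", []):
        # The category is the one the console shows when the scope is added.
        needs_reason = scope.get("category") in ("sensitive", "restricted")
        if needs_reason and not scope.get("justification", "").strip():
            problems.append(f"scope {scope['name']}: justification is empty")
    return problems

SAMPLE = {  # constructed input, not a real project
    "app_name": "Example Notes",
    "user_support_email": "support@example.com",
    "developer_contact": "dev@example.com",
    "publishing_status": "testing",
    "authorized_domains": ["example.com"],
    "home_page": "https://www.example.com/",
    "privacy_policy": "https://notexample.com/privacy",
    "scopes": [
        {"name": "openid", "category": "non-sensitive"},
        {"name": "https://www.googleapis.com/auth/placeholder.readonly",
         "category": "restricted", "justification": ""},  # placeholder scope
    ],
}

if __name__ == "__main__":
    for problem in preflight(SAMPLE):
        print("FIX:", problem)
```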
What's next
- Once you have submitted your app for verification, Google's OAuth review team will review your submission against all applicable requirements.
- All communications with the OAuth review team will occur over email to the project owners and project editors configured when setting up your project. Hence it is critical to keep your project contact details up-to-date.
- If your app is requesting access to restricted scopes, the OAuth review team will reach out to you when it's time to start the security assessment.