I'm finally spending some time and was going to update the instructions for the client ID section and wanted to validate my understanding from my testing / reading /etc.
There are two paths here:
Publish status from Google: Setting up your OAuth consent screen - Google Cloud Platform Console Help
A regular Google user:
- can only select External as Internal is not presented
- Publishing status of testing means token expires in 7 days and must be reconnected
- Publishing status of production removes that but seems to require a bunch of items sent to Google. Not sure if they check it or not. Can someone confirm if they have done it?
A GSuite user:
My use case is only users in my domain so I use:
-
Testing App / Internal - This means that only users in my org can get API keys. There is no expiration here. I've used this for months/years with no issue
-
Change to External, you have to make this Testing (which I assume gives the previous issue) and if you promote to production do you have to jump through the same hoops? This allows users outside of your org to use your keys.
Any other thoughts / things I may not have right or anything else to add before I finalize the pull request?