When you publish your app, there are 3 main tasks to complete for OAuth:
- Fill out the OAuth consent screen.
- Create your OAuth 2.0 credential.
- Submit your app for OAuth verification.
Learn more about each task below.
1. Fill out the OAuth consent screen
The OAuth consent screen is a prompt that tells users who's requesting access to their data and what kind of data users are allowing your app to access.
For help with filling out the OAuth consent screen, see User consent.
2. Create your OAuth 2.0 credential
If you built your app in Google Apps Script
Switch your Apps Script project from its default Google Cloud project to your new, standard project. See Switching to a different standard project.
After you associate your Apps Script project with the Google Cloud project, your OAuth 2.0 credential is automatically created.
If you didn't use Apps Script to build your app
To create your OAuth 2.0 credential, see Setting up OAuth 2.0.
3. Submit for OAuth verification
If your app uses sensitive or restricted scopes, it must undergo OAuth verification. See How do I submit for verification.
- For OAuth verification, you must submit a demo video demonstrating the journey or flow that explains the usage of the requested scopes or data to users.
- If your app uses restricted scopes, it might also need to go through a security assessment. See Why is the security assessment needed.
How OAuth verification differs from app review
OAuth verification is a separate process from app review. It focuses on making sure that your consent screen accurately represents your app's identity and intent, and makes sure your app doesn't misuse user data. Your app listing cannot be approved until your app's OAuth verification is complete. For more information about OAuth verification, see OAuth API verification FAQ.
App review focuses on the information that you provide in the Google Workspace Marketplace API, and the functionality and usability of your app. To learn more about the app review criteria, see About app review.