Reputation: 11
Google OAuth2 acceptable use
I wish to create a single application registered with Google that uses Google's OAuth2 mechanisms to authorize read access to a user's Google Drive content. Then on behalf of that user I want to take that data and expose it via my application as a webservice (proprietary REST API). The webservice can then be consumed by arbitrary 3rd party applications that know nothing about the authorization of my application to access the user's Google Drive.
This is technically possible and not very difficult. My question is whether or not this is an acceptable use of Google's APIs and Google's OAuth2 offering?
Upvotes: 1
Views: 104
Answers (1)
Reputation: 1867
OAuth 2 requires an user to affirmatively say yes to your request. As long as you properly describe what you'll do with it (and what is the nature of these third party apps) then I don't see why you can't.
If you just try to slip in the read scope on a generic-looking request form, than I would say that's a no-no.
Upvotes: 1
Related Questions
- Clarification on Google Authentication and Authorization, with OAuth in 2022
- Google API OAuth2
- Use google oauth2 with Go
- Is Google Documentation outdated?
- Google OAuth2 - Correct Usage?
- How to correctly use Google's Javascript OAuth2.0 library
- Implement google oAuth2
- How do I use OAuth 2.0 just for authentication for Google?
- Google API Oauth 2 with Installed App
- google oauth2 on android