Reputation: 1
I am trying to set up a sign in form inside a C# application. One of the options to sign in is via Google. For this, I am using the OAuth2 doc for Installed applications: https://developers.google.com/accounts/docs/OAuth2InstalledApp.
Everything appears to work as expected but for the Consent Screen. I am being shown the Consent Screen for every request for the authorization code. Is that expected for an Installed Application? I am using the following parameters:
redirect_uri = urn:ietf:wg:oauth:2.0:oob
response_type = code
I have tried to set approval_prompt to auto and tried combinations of access_type to offline and online, but still that does not help.
Note that similar experiments with a "Web application" (using a different client id) work fine, where I see the Consent Screen only once.
Any help/suggestions would be appreciated.
Thanks.
Upvotes: 0
Views: 707
Reputation: 2063
For installed applications, the idea is that you'll get a code and convert that to a refresh token and store the refresh token. A user shouldn't need to sign in again and again. Is the user signing out of the app or are you deleting the token after a certain time?
The reason the behavior is different on the web is because we decided to give a "code" back without an approval (in case the application was already approved by the user) but this code cannot be used to convert to a refresh token. We did this because users do end up signing out of the web applications due to various reasons (cookies go away) and developers request a "code" without knowing whether a user has already approved or not.
Upvotes: 1
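The flow the answer describes (exchange the code once, store the refresh token, refresh silently on later runs), as an added C# example that is not code from this thread. The class name, client id and secret, and file location are placeholders; the token endpoint is Google's current one and is not named on the page; `ProtectedData` (DPAPI) assumes a Windows desktop application.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;

// Added example. Client id/secret and the file path are placeholders (assumptions).
static class GoogleTokenStore
{
    const string TokenEndpoint = "https://oauth2.googleapis.com/token";
    const string ClientId = "YOUR_CLIENT_ID", ClientSecret = "YOUR_CLIENT_SECRET";
    static readonly string TokenPath = Path.Combine(Environment.GetFolderPath(
        Environment.SpecialFolder.LocalApplicationData), "example-app-refresh.bin");
    static readonly HttpClient Http = new HttpClient();

    static async Task<JsonElement> PostAsync(Dictionary<string, string> form)
    {
        form["client_id"] = ClientId; form["client_secret"] = ClientSecret;
        using var resp = await Http.PostAsync(TokenEndpoint, new FormUrlEncodedContent(form));
        resp.EnsureSuccessStatusCode();
        using var doc = JsonDocument.Parse(await resp.Content.ReadAsStringAsync());
        return doc.RootElement.Clone();
    }

    // First run only: exchange the code shown after consent, then keep the
    // refresh token on disk, encrypted for the current Windows user (DPAPI).
    public static async Task<string> ExchangeCodeAsync(string code)
    {
        var json = await PostAsync(new Dictionary<string, string> {
            ["grant_type"] = "authorization_code", ["code"] = code,
            ["redirect_uri"] = "urn:ietf:wg:oauth:2.0:oob" });
        var refresh = Encoding.UTF8.GetBytes(json.GetProperty("refresh_token").GetString());
        File.WriteAllBytes(TokenPath,
            ProtectedData.Protect(refresh, null, DataProtectionScope.CurrentUser));
        return json.GetProperty("access_token").GetString();
    }

    // Later runs: no browser, no consent screen. Null means nothing is stored yet.
    public static async Task<string> GetAccessTokenAsync()
    {
        if (!File.Exists(TokenPath)) return null;
        var refresh = Encoding.UTF8.GetString(ProtectedData.Unprotect(
            File.ReadAllBytes(TokenPath), null, DataProtectionScope.CurrentUser));
        var json = await PostAsync(new Dictionary<string, string> {
            ["grant_type"] = "refresh_token", ["refresh_token"] = refresh });
        return json.GetProperty("access_token").GetString();
    }
}
```

Call `GetAccessTokenAsync` at startup and open the consent screen only when it returns null. Google has since deprecated the `urn:ietf:wg:oauth:2.0:oob` redirect for installed applications; the token handling is the same with a loopback redirect.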