Reputation: 51
What does different Client ID means for same app in google admin reports API?
I am getting different client ID in reports API response for same app, eg slack, but these does not correspond to slack specific workspaces, rather it looks random to me. Does anyone know what does different client ID refers to here?
Upvotes: 3
Views: 997
Answers (1)
Reputation: 2426
This can have multiple meanings and most of them depend on how the apps have been developed. For example, when setting up a GCP project for an app, if you are going to have a web app, mobile(Android), or iOS app under the same project, then you would need different client IDs for each platform.
In addition to that, some developers tend to create their apps in modules depending on the functionalities that they are adding, and how they will be managing the scopes they will be using, etc.
So it is expected that an app can have multiple client IDs linked to it, however you can also check if the client IDs belong to the same app or different apps in the Admin console.
All you need to do is to go to Security > API controls > Manage third party app access > Add app > OAuth app name or Client ID, then search the app by name and see if the client IDs match under the same app.
Be aware that some apps may be listed multiple times depending if they are accessing different versions or instances of the same service, because one may be an add-on, then another one may be a desktop version, and another one the mobile app, etc.
In case you want to know if your users are using a specific authorized app, you can also extract the client ID of an app from the URL of the authentication page. For example, if you go to Slack's website and click the Sign in with Google button you will get a URL like this (it's actually larger but just as an example)
https://accounts.google.com/o/oauth2/v2/auth/identifier?client_id=606092904014-s1u3idjanlbhr4ns5b1hcjgfn63cr9nh.apps.googleusercontent.com
If you check the URL you will see it has the client ID value at
client_id=606092904014-s1u3idjanlbhr4ns5b1hcjgfn63cr9nh.apps.googleusercontent.com.
You can use that information to trust or block the Apps you want your users to access in the API controls of the Admin console.
Upvotes: 1
Related Questions
- Is slack team id unique or not?
- Using google workspace admin API, how to identify slack workspace of the my org users who log into slack using company's email via Gsuite SSO?
- Slack user id and access token unique across teams or users
- GSuite OAuth Client IDs
- how to display slack app information such as clientID
- This client ID is globally unique and is already in use
- Google api console : 3 Client ID for installed applications with same package and different sha1 key
- What difference does the OAuth 2.0 client ID make?
- Can I create Multiple Client ID in Google console?
- Do we get same users in reports.userUsageReport.get and directory.users.list