cancel
Showing results for 
Search instead for 
Did you mean: 

OAuth Client Application Risk

jhwong
Moderator
Moderator

We recently published Who Do You Trust? OAuth Client Application Trends

which looks at real-world trust of applications by users using Google Identity for authentication and approval. It highlights some of the common applications and permissions being requested.

 

Some questions for you:

  • Are you aware of which OAuth client applications are being trusted by your users?
  • Do you have good visibility into this data?
  • Are you locking down your environment in any way e.g. not allowing users to grant consent or approve apps?
  • What would help you understand and manage risk from oauth client applications?