14 DAY TRIAL // Google is a big supporter of OAuth, the authorization protocol which enables web applications and services to work together and access data without the need to reveal user names and passwords to third-parties.
Google has been adding OAuth support to its APIs and has now rolled out a new set of Provisioning APIs for Google Apps which provide a more granular control over what applications can do via OAuth.
"Among the many benefits of OAuth is the ability to provide access to Administrative APIs without exposing admin usernames or passwords," Michael Manoochehri, from the Google Apps APIs Team, wrote.
"While the Provisioning API has featured OAuth support for some time, we're excited to announce that developers now have even more control over access to the API," he announced.
"The Provisioning API now has four separate OAuth scopes - one each for the users, alias, organization units, and groups methods. For example, this means that developers can enable an application to have access scoped to only groups and not user data," he explained.
Previously, all of the functionality was exposed via the Provisioning API, it was all or nothing. The old API is being deprecated in favor of the four new ones.
It will continue to work, so applications won't break, but Google encourages developers to migrate to the new set of APIs as soon as possible as, eventually, the current Provisioning API will no longer be accessible.
Among its other efforts to expand the use of OAuth for its APIs, Google has announced that its Reporting API is now accessible via the secured authorization protocol.
Google started a big push to get developers to switch over to OAuth 2.0 earlier this year, when it announced that all of its APIs will be accessible via the upcoming protocol, which hasn't been finalized yet.