New OAuth Support in Google Apps APIs

Up to now, Google Apps administrators had to sign requests for calls to Google Apps APIs using their username and password (this is called ClientLogin Authorization).

From today, Google Apps now supports OAuth authorization on Google Apps APIs.

There are several advantages to using OAuth instead of the username/password model:
– OAuth is more secure: OAuth tokens can be scoped and set to expire by a certain date, making them more secure than using the ClientLogin mechanism.
– OAuth is customizable: Using OAuth, adminsitrators can create tokens that scripts may only use to access data of a particular scope when calling Google Apps APIs. For instance, a token set to call the Email Migration API would not be able to use login credentials to access the Google Apps Provisioning API.
– OAuth is an open standard: OAuth is an open source standard, making it a familiar choice for developers to work with.

The Google Apps APIs that support the OAuth signing mechanism are:
1. Provisioning API
2. Email Migration API
3. Admin Settings API
4. Calendar Resource API
5. Email Settings API
6. Audit API