As an administrator, you can whitelist the address of specific web applications that are authorized to access specific G Suite APIs for this domain. This way, you can make sure that only authorized applications can use APIs. To make things even safer, administrators can define the approved scope for each application.
To authorize an application to have API access, follow these steps in the Advanced settings section:
- Click on Manage API client access and go to the authorized API clients list:
- Type the URL of the application in the Client Name field.
- Type the API scopes (separated by a comma) that this application is authorized to access in the One or More API Scopes field. To see a full list of all currently available APIs and scopes, go to https://developers.google.com/identity/protocols/googlescopes.
- Click Authorize.
By defining the API client authorizations, you help prevent unauthorized people from using the APIs. By delimiting each client scope, you know exactly how much access is given to any application.
You can now whitelist applications that are allowed to integrate with G Suite on this domain. In the next section, you will learn how to set up API permissions.