|
|
|
|
|
|
by tssva
1495 days ago
|
|
|
The Google documentation regarding Oauth access to Google APIs including Gmail explicitly mentions this requirement. It should not have been a shock to the author. Also this requirement only applies if the app is intended to store the data on a server. An email client which directly accesses and locally stores the email would not require a security audit. Pegasus would not be the 1st email client to use OAuth2 with Gmail and others have not required an audit. Some of the newer email client services which implement advance features by downloading email directly from Gmail to their own servers on the backend to do processing of the email would require a security audit. |
|
|