I am building an web application , which will connect to g-suite for fetching all users in g-suite domains . I have gone through G-Suite OAuth documentation https://developers.google.com/identity/protocols/OAuth2 , I am little confused in between OAuth for server side app and OAuth for service account . Can anybody point out which one is better or more secure for my clients.
1 Answers
0
votes
I would like to recommend OAuth for Service Account. This also supports server-to-server interaction such as those between a web application and a Google service. However, the mechanics of server-to-server authentication interactions require applications to create and cryptographically sign JSON Web Tokens (JWTs), and it's easy to make serious errors that can have a severe impact on the security of your application.
