If you are using GSuite there is option to Restrict the API access for 3rd party apps. This is something which I highly recommend for any company. You can find the restrictions under G Suite Admin -> Security -> API Permissions
Under the tab “Installed apps” you can find all the apps which are used by your users.
Under the tab “Trusted apps” you can find all the apps which are white-listed.
The best way is to disable all API access and only white-list the apps you really trust!
How to find the App ID for white-list?
The problem comes when you need to white-list the apps. Usually you can find all the apps users are using under the tab “installed apps” and you just right click and white-list them.
However what to do when the app doesn’t show up there? Let’s say for example for the macOS integration of Google Account.
The steps for finding the App ID are simple:
- Go to the Reports Token audit logs
- Click on add additional columns
- Select the filter for your name ( or the name of the users which tries to authorize), and auth action
- Filter the results and find the Client ID
How to add app to the white-list:
- Go to Trusted App under the API Permissions settings in the Admin Console
- Click on the + sign and select Web Application from drop down
- Paste Client ID and click Add
And that’s it. And the Client ID is the same for all mac users so it shouldn’t be necessary to do this for each of your users.