Google is locking down API access to Gmail data (and later, Drive data) soon, and some of your favorite third-party apps might find themselves locked out of your Google account data. The new API policy was announced back in October, but this week Google started emailing individual users of these apps, telling them the apps will no longer work starting July 15. The new policy closes off OAuth access to Gmail data, and while we by no means have a comprehensive list of what isn’t affected yet, so far we’ve seen users of Microsoft’s SwiftKey and the open source app SMS Backup+ receive notification emails.
Google’s OAuth APIs have been around for years as a way for apps to get access to and control your Google data. A third-party email app, for instance, would want access to your Gmail account and the ability to send, read, and delete emails so it could control everything remotely. An IM app might just want access to your contacts and profile picture. For years this was purely an agreement between the user and the developer—the app would say what it wanted access to, and the user could deny or allow it.
In the October blog post, Google announced a major change to Gmail data access—Google would now be legislating what uses are and are not allowed. Only “appropriate” access will be allowed for some APIs, strict data-handling rules will be enacted, and access to APIs would be limited to “only the information necessary to implement your application.” It sounds like Google will also be subjecting all of these apps to human review, app-store style.