→ Google APIs use the OAuth 2.0 protocol for authentication and authorization. Google supports common OAuth 2.0 scenarios such as those for a web server, installed, and client-side applications.
→ All applications follow a basic pattern when accessing a Google API using OAuth 2.0. At a high level, you follow four steps:
- Obtain OAuth 2.0 credentials from the Google API Console.
- Obtain an access token from the Google Authorization Server.
- Send the access token to an API.
- Refresh the access token, if necessary.
For more info click here.