Updates to end user consent for 3rd-party apps and Single Sign-on providers

Beginning April 5, 2017, Google implemented updates to the consent process for G Suite users interacting with third-party applications and Single Sign-On (SSO) providers to enhance data security and transparency. These changes require application developers and third-party SSO providers to present users with clear information about account authentication and permissions being granted, with a particular focus on distinguishing non-standard permissions through a secondary consent screen. The updates apply to Google and third-party apps on iOS, mobile browsers on iOS and Android, and web browsers like Chrome and Firefox, though Android apps using standard authentication libraries remain unaffected. Users will experience redirects to ensure they are signing in with the correct accounts, and developers are encouraged to use parameters like "hd" and "login_hint" to specify domain names and assist in the authentication process. These measures aim to provide users with greater visibility over permission requests and facilitate easier contact with application developers, thereby improving the overall security and clarity of user interactions with third-party services.