Google Login in a Post GDPR/CCPA World

For some reason, I’ve implemented oAuth way more times than I imagined I would when I started my career. I recently had to go through the Google login flow again. As a company that holds so much data on its user, Google has rightfully tightened the rules on who can implement Google Login. I’m not sure if it has anything to do with GDPR or CCPA, but things seem to have changed a lot over the last couple of years (2018/2019).

If you are embarking on a journey to implement Google Login, I hope this blog post will help you with planning out the project, so it doesn’t have to delay.

Figure out the type of user data you’re accessing