Comment by SilverSlash
18 hours ago
Their "API" isn't what's being accessed here. As far as I understand it's using their subscription account oauth token in some third party app that's the issue here.
18 hours ago
Their "API" isn't what's being accessed here. As far as I understand it's using their subscription account oauth token in some third party app that's the issue here.
If they allowed oauth token to work like that then that is their (Google's) problem.
It is basically impossible to disallow the token to work that way on a technical level. It would be akin to trying to trying to set up a card scanner that can deny a valid card depending on who is holding it. The only way to prevent it from working is analyzing usage patterns/details/etc in some form or fashion. Similar to stationing a guard as a second check on people whose cards scan as valid.
Exactly, so charge on usage or cap on usage.
Either the token works for all times, or works until it doesn't, or does not work at all.
Punishing the account for using a token you have vended for the exact same purpose is extremely poor product design.
So it sounds like the trillion dollar corporation can actually do it but they don't want to spend the money too because they are extremely cheap?
Well, it looks like they're not allowing it.