OAuth overview

Every request that your application sends to the Business Profile APIs must include an authorization token. The authorization token identifies the user or the application to Google, which allows access to the Business Profile APIs. Your application must use OAuth 2.0 protocol to authorize requests.

The OAuth setup guide explains the different methods that you can use to implement OAuth 2.0 on your platform. The Google Identity Platform provides the Google Sign-In and OAuth functionality that's used throughout this guide.

The implementation of OAuth 2.0 provides the following benefits:

  • Protects access to the business owner's data.
  • Establishes the identity of the business owner when they sign in to their Google Account.
  • Establishes that a partner platform or application can access and modify location data with explicit consent from the business owner. The owner can later revoke this access.
  • Establishes the identity of the partner platform.
  • Enables partner platforms to perform online or offline actions on behalf of the business owner. This includes responses to reviews, creation of posts, and updates to menu items.
  • Allows multi-step workflows with multiple participants to be made transparent, such as management invitations.