Increased account security via OAuth 2.0 token revocation
Late last year, we announced a planned change https://goo.gl/FHWsW4
to our security policy, whereby OAuth 2.0 tokens would be revoked when a user's password was changed. We later decided not to move forward https://goo.gl/jd8HWI
with this change for Apps customers and arrived at a less impactful update, deciding to limit its application to mail scopes only and to exclude Google Apps Script tokens.
This updated policy is now ready to be rolled out, taking effect on October 5, 2016
. We encourage developers to make any necessary changes to their apps to handle invalid tokens as a result of this policy implementation.
To learn more, see our blogpost at: