
How to test Google's OAuth granular consent screen


We received a notice from Google, "OAuth clients must support granular consent, starting June 17, 2024", which indicates they are moving to a granular consent screen giving users the ability to manage permissions on a granular level.

I tried reading through their documentation, but it, sadly, is byzantine and not clear. And there is no option for support other than for Google to abuse StackOverflow and funnel support to here. :(

OAuth app registrations in Google don't specify scopes (as far as I can tell). To my knowledge, the application may request scopes at runtime. The documentation does say that if you are just using "sign in scopes", then granular permissions will not be shown which is all we are doing.

If we no longer request anything other than sign-in scopes, then is any action necessary here? Is there a way to have an OAuth app registration opt-in to this new functionality, so we can test it?


Solution

  • You can go to https://console.cloud.google.com/apis/credentials/consent to see what scopes your application requests. Click "EDIT APP" -> "SAVE AND CONTINUE" -> You should be on the Scopes page. However, it is just a reference. At the end of the day, it is up to your code what scopes it requests.

    To test your application, see how to enable granular permissions in this section.

    If your applications only request Sign-In scopes, then this change should not affect your application.
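An added example, not part of the original answer: a check that an application tolerates a partial grant, by comparing the scopes its code requested with the `scope` field of the token response. The `enable_granular_consent` parameter and the full-URL names of the `email` and `profile` scopes come from Google's OAuth 2.0 documentation rather than from this page; the client ID, redirect URI, helper names and sample token response are constructed placeholders.

```python
from urllib.parse import urlencode

AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
USERINFO = "https://www.googleapis.com/auth/userinfo."
# Google reports the short sign-in scopes back under their full URL names.
ALIASES = {"email": USERINFO + "email", "profile": USERINFO + "profile"}
SIGN_IN = {"openid", ALIASES["email"], ALIASES["profile"]}


def canonical(scopes):
    """Map short scope names to the form Google returns in token responses."""
    return {ALIASES.get(s, s) for s in scopes}


def requests_only_sign_in(scopes):
    """True when the request contains nothing beyond sign-in scopes."""
    return canonical(scopes) <= SIGN_IN


def build_auth_url(client_id, redirect_uri, scopes, state):
    """Authorization URL that opts the client in to granular consent."""
    return AUTH_ENDPOINT + "?" + urlencode({
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "scope": " ".join(scopes),
        "state": state,
        "enable_granular_consent": "true",
    })


def missing_scopes(requested, token_response):
    """Scopes the code asked for that the user did not grant."""
    granted = canonical(token_response.get("scope", "").split())
    return canonical(requested) - granted


# Constructed sample: the user unticked Drive on the consent screen.
REQUESTED = ["openid", "email",
             "https://www.googleapis.com/auth/calendar.readonly",
             "https://www.googleapis.com/auth/drive.readonly"]
SAMPLE_TOKEN_RESPONSE = {
    "access_token": "PLACEHOLDER", "token_type": "Bearer",
    "scope": "openid https://www.googleapis.com/auth/userinfo.email "
             "https://www.googleapis.com/auth/calendar.readonly",
}

if __name__ == "__main__":
    print(build_auth_url("CLIENT_ID_PLACEHOLDER", "https://app.example/cb", REQUESTED, "s"))
    print("sign-in only:", requests_only_sign_in(REQUESTED))
    print("not granted:", sorted(missing_scopes(REQUESTED, SAMPLE_TOKEN_RESPONSE)))
```

Any feature that depends on a scope returned by `missing_scopes` should be disabled or re-prompted for, rather than calling the API and failing on an authorization error.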