Domain-wide delegation is a powerful feature that lets you grant client applications permission to access your Workspace users' data without requiring their consent. You can use domain-wide delegation in two ways:
- Authorize a service account to access data on behalf of a user. A service accountmight use the following types of apps:
-
Migration and sync tools that duplicate user content from another service to Google Workspace.
-
Internal apps (for example, automation apps) that developers create for your organization. For example, you can delegate access to an application that uses the Calendar API to add events to your users' calendars.
-
- Allow users to use OAuth client apps without seeing a consent screen. Users can access apps without being prompted for consent, and you can specify the user data that the apps can access.
You can also manage domain-wide installation and view API scopes for Google Workspace Marketplace apps. Learn about Marketplace apps data access and installation.
Service accounts