You can now block all third-party API access to Google Workspace data with a new setting. This complements other available OAuth settings which help you
When selected, all third-party apps are denied access to Workspace and end user data, blocking all OAuth 2.0 scopes. This also means that users cannot use their Google Workspace accounts to sign into third-party apps and websites.
This feature will be OFF by default and can be enabled in the Admin console by going to Security > API controls and selecting “Block all third-party API Access”. Visit the Help Center to learn more about blocking all third-party API access or controlling which third-party & internal apps access Google Workspace data.