#Manage your unused OAuth clients and protect your information

Hi guys, has there been a guide on how to initiate a Sign-in with Google flow or exchange a refresh token for an access token for OAuth? I'm a noob so any picture / video guides are most appreciated.

What you need to know
As we recently announced, starting June 2025, OAuth clients that have remained inactive for six months will be automatically deleted. This change helps prevent credential theft and misuse.

Inactivity is determined based on the absence of token exchanges or client updates. Viewing an OAuth client on Google Cloud Console is not considered activity. After an OAuth client is deleted, you will have 30 days to restore the client via the Google Auth Platform section of the Google Cloud Console.

To prevent deletion of clients you wish to retain, initiate a Sign-in with Google flow or exchange a refresh token for an access token for each client listed above.

Is there something in particular you're referring to, as in a client you've got set up?

You'll notice in that email it lists impacted OAuth clients, do you believe one of those should actually be in use? If not, you don't need to do anything. If so, you should double check where you think that's configured. It's a regular occurrence for refresh tokens to be exchanged for access tokens, so if you've got something set up that's already using your credentials, there should be no action required (and those clients wouldn't show up on that list).

That is weird because I am using this client for my Google calendar and YouTube integration.

I will need to double check tonight because I do not think I have any other clients set up

I checked the Oauth client mentioned in the email. They specifically stated that the client I am using for home assistant hasnt been used for 5 months and will be deleted.

But checking to the last accessed date, it is just last week.

Additionally, from the cloud overview dashboard, I can still see that there are API requests running.

Last used date shows it's used... so I'm not seeing an issue there. You'd see an actual warning on the page if it'd be deleted