Hi,
Yes, it all ties to the OAuth key.
However, once you grant access to a particular API, everything that is associated with the API has the access (whatever access you grant, read, or read/write). For example, you won't be able to specify that the OAuth key has access to some groups, but not to some other groups.
Salvete! I want to write an application (or script) for our (church) office that allows for the sorting and validation and automation of mailing lists, and I'd like to use GAM as its back-end to Google. I want to make it so that particular users can manage mailing lists with my little application.
How can I control what access GAM has? Is there a way to assure it only has access to the settings for particular groups, or that it can only use particular commands? I suspect it has to do with the oauth key, but how do you create a "limited" key?