HotelWD

Google OAuth Brand Verification Hotel WD's Identity Is Verified

Hotel WD has passed Google's OAuth Brand Verification: the 'unverified app' warning is gone from the sign-in screen, and access to sensitive scopes is open. Next: a 6-month wait, then the Google Business Profile API application.

Google OAuth Brand Verification: An Intermediate Threshold

Good ideas are common. Turning an idea into a product that third parties can technically trust is the harder work.

As of April 17, 2026, Hotel WD has passed Google's OAuth Brand Verification process. This means our OAuth consent screen has been verified by Google in terms of brand identity.

Let's be clear up front: This is not a partnership. Nor is it a security certification. It does not mean Google recommends Hotel WD or "stamps" the quality of the product. Those kinds of reviews (e.g. CASA Tier 2/3 security assessment, Google Business Profile API approval, Hotel Center integration) are separate processes.

So what exactly is OAuth Brand Verification?

When an app offers sign-in with Google, it appears on the OAuth consent screen with a brand identity: the app name, logo, support email, privacy policy and terms-of-service links, and the domain it owns. Google verifies that this identity is legitimate and consistent along the following axes:

  • 1
    Domain ownership. Is the website the app claims as "who we are" actually owned by the same team?
  • 2
    Brand consistency. Do the logo, name, and domain match what's shown on the OAuth screen? Does it avoid impersonating another brand?
  • 3
    Legal documents. Are the privacy policy and terms of service at real URLs, accessible, and describing the app's actual behavior?
  • 4
    Scope consistency. Are the OAuth scopes the app requests aligned with its declared use case?

    • In other words, Google is saying: "this app is who it claims to be." Nothing more, nothing less. It does not test whether user data is "handled securely" — that is a separate process (CASA).

    What does this verification concretely give the hotelier?

  • The "unverified app" warning is gone. When hoteliers sign in to Hotel WD with Google, the scary yellow warning no longer appears — they go straight to the consent screen.
  • Sensitive and restricted scopes are now usable. This was the prerequisite for applying to integrations like the Google Business Profile API.
  • The OAuth consent screen now shows the Hotel WD brand. With a verified name and logo, instead of a generic "unknown developer."

    • What's next? A 6-month wait, then the Business Profile API

    Google's policy requires a 6-month waiting period after OAuth approval before we can apply for Google Business Profile API access. Our next critical date: ~October 17, 2026.

    The Business Profile API application is a separate approval process — having passed OAuth verification isn't enough; that API has its own review steps. If approval comes through, the following will go live inside Hotel WD:

  • Reservation and campaign updates sync to the hotelier's Google Business Profile with a single click.
  • 360° panoramas are pulled directly from GBP and published on the /3d page.
  • Guest reviews are aggregated on the platform and reported via automated sentiment analysis.
  • Performance metrics (impressions, clicks, calls) are visualized on the management panel.

    • The infrastructure has been built; pages like /website/3d, /settings/gbp, and /marketing/local-seo are waiting in standby mode until the API approval comes through. The moment it opens, they activate without requiring any extra work from the hotelier.

    Why get into this level of detail?

    Because in the market, "Google has approved us" is easily misread as "we're a Google partner." As Hotel WD, we don't want to appear as more than what we are. Keeping the following clear is important:

  • OAuth brand verification = brand identity verification. ✓ We have it.
  • CASA security assessment = code/data security audit. Separate process.
  • Google Business Profile API access = separate approval for GBP integration. Next target.
  • Google Hotel Center = a completely separate program. Long-term goal.
  • Being a "Google Partner" = formal participation in Google Partner programs. Hotel WD is not part of them.

    • We advance one step at a time, earning each one.

    We're tired, but it's worth it

    This process — run alongside 27 years of digital experience and software engineer Celal Dinç — involved many fine details: a correct privacy policy, a consistent domain identity, scope-to-use-case alignment, verified support email. Every step reminded us of the same thing: speaking honestly with large platforms requires consistency in every detail.

    See you in the next post — probably around October 17, with the story of our Business Profile API application.

    Official References

  • Google Cloud Console — The dashboard where OAuth apps and consent screens are managed
  • OAuth App Verification Help Center — Brand verification process and scope approval flow
  • OAuth 2.0 Protocol Overview — Google's official OAuth 2.0 documentation
  • Google Business Profile APIs — Official developer guide for the API we will apply to in 6 months
    • Tahir Dinç
    AUTHOR

    Tahir Dinç

    Turkey27+ YEARS EXP

    I have been working in the digital field since 1999. I still hold the position of Digital Marketing Manager at Türk SEM. I have also been involved in tourism-related activities since 2005.

    View Full Profile
    Hotel WD·Strategy Team

    HOTEL WD

    Start Building FreeFind an Expert
    View Archives
    Google OAuth Brand Verification: Hotel WD's Identity Is Verified | Hotel WD - Hotel WD