--- title: OAuth 2.0 Client description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > DDSQL Reference > Data Directory > OAuth 2.0 Client --- # OAuth 2.0 Client An OAuth 2.0 Client in GCP represents an application's identity used to access Google APIs securely. It defines credentials such as a client ID and client secret, along with authorized redirect URIs, enabling applications to perform user authentication and obtain access tokens. This resource is commonly used for web apps, mobile apps, and services that rely on Google's identity and authorization framework. ``` gcp.iam_oauth_client ``` ## Fields | Title | ID | Type | Data Type | Description | | --------------------- | ---- | ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | | _key | core | string | | allowed_grant_types | core | array | Required. The list of OAuth grant types is allowed for the OauthClient. | | allowed_redirect_uris | core | array | Required. The list of redirect uris that is allowed to redirect back when authorization process is completed. | | allowed_scopes | core | array | Required. The list of scopes that the OauthClient is allowed to request during OAuth flows. The following scopes are supported: * `https://www.googleapis.com/auth/cloud-platform`: See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account. | | ancestors | core | array | | client_id | core | string | Output only. The system-generated OauthClient id. | | client_type | core | string | Immutable. The type of OauthClient. Either public or private. For private clients, the client secret can be managed using the dedicated OauthClientCredential resource. | | datadog_display_name | core | string | | description | core | string | Optional. A user-specified description of the OauthClient. Cannot exceed 256 characters. | | disabled | core | bool | Optional. Whether the OauthClient is disabled. You cannot use a disabled OAuth client. | | expire_time | core | timestamp | Output only. Time after which the OauthClient will be permanently purged and cannot be recovered. | | gcp_display_name | core | string | Optional. A user-specified display name of the OauthClient. Cannot exceed 32 characters. | | labels | core | array | | name | core | string | Immutable. Identifier. The resource name of the OauthClient. Format:`projects/{project}/locations/{location}/oauthClients/{oauth_client}`. | | organization_id | core | string | | parent | core | string | | project_id | core | string | | project_number | core | string | | region_id | core | string | | resource_name | core | string | | state | core | string | Output only. The state of the OauthClient. | | tags | core | hstore_csv | | zone_id | core | string |