API Security | Transparency to users on app's permissions

Context:

A sizable number of marketplace app installs are done using the Marketplace OAuth link(example). These links are embedded in third-party products' integrations page that allows integration with HighLevel.
This is similar to the Google OAuth link, where Google informs the user that an external site is about to access their account data and seeks your confirmation to proceed
When users arrived on this site, until today, they weren't made aware of which permissions the app was getting access to from their accounts.

What's new?

We have created a new OAuth page where we give users a heads-up about the app they're about to install and inform them about the permissions the app will have access to.
If a private app attempts to access sensitive permissions, such as user.write, we explicitly warn the user.
This feature is also available on the Marketplace's grey-labeled OAuth page(example)

Why is this important?

This feature provides sufficient details to users, allowing them to make informed decisions about the API access they're granting to third-party apps and thereby securing their accounts from unauthorised access.

Preview Images