In AuthSub, for Google Apps hosted domains I could use the hd parameter to redirect the user to that domain, get them to login to that domain and receive the token.
What is the equivalent functionality in OAuth2?
I came across this URL: https://developers.google.com/drive/delegation
Is this the only way? From what I understand, the service account gets direct access to all the users? The workflow would be different from what used to be for AuthSub, where the user had to login to their individual domain account? Is this understanding correct?
I think I found a solution, but not sure if it is the correct one.
For test, I just added &hd=mydomain.com to the auth url and I was correctly redirected to the the domain login page. Once I logged in, I did get 403, Admin has disabled third party apps. So I logged in to the google apps admin and enabled the checkbox. And it worked fine.
I just need a confirmation from Google drive developers if this is a correct solution or works currently only because AuthSub/ OAuth1 is yet to be disabled?
UPDATE: hd=default does not work. You can set it to empty string.