I have an app with the same credentials since 2014. Recently Google asked me to reduce scope from Gmail all to gmail.modify (which I totally understand, we never got around developing all the features we wanted and we don't need more than modify).
So, we happily went ahead and changed the scope and re-submit for verifications.
In the console API OAuth consent screen, there is a text that says "Your consent screen is being reverified. This may take up to several weeks. Your last approved consent screen is still in use." and "Verification status Being re-verified (Last approved consent screen is still in use)".
BUT the last approved consent screen is not displayed, the credential screen in my app now displays that the app is unverified (meaning once 100 people bypass it, I'm screwed and I have new users doing that daily).
Does anyone know how to contact google or what to do in those situations? This is an absolute nightmare.
You are screwed.
Here is the full story: https://medium.com/@jchatelaine/make-sure-it-doesnt-happen-to-you-817736b26224