Google recently introduced stricter privacy policies for their Gmail API that requires a security audit for sensitive scopes, such as accessing email. Can this be circumvented by relying exclusively on connecting to user inboxes via IMAP?
Context.io shut down because of these policies and I don't understand why they don't just connect to user inboxes via IMAP. https://blog.context.io/context-io-deprecation-notice-ce8b77e6e477
A technical answer is that you can't connect to GMail's IMAP accounts (in general) without using OAuth authentication; which is subject to the same technical requirements via your apps OAuth registration.
Otherwise, you have to get users to generate server specific passwords or lower the security requirements for their accounts, which is a no-go for all but the most technical of users.
By default GMail's IMAP server blocks simple password logins.