
Google OAuth Consent Screen Verification status Not published


I've set up a Google project so that I can allow my users to log in via Google. It's all working, but in my consent screen section in the Google developer console it says Verification status: Not published.

I can't seem to find any articles to explain what this means. I can find plenty of articles about status Unverified but nothing for Not Published.

I accidentally added a logo at one point which changed the status to Unverified. So then I deleted the project and re-created a new one and it's now Not Published.

My question is what does Not published mean? Can I use it on my website for login with Google or will it give errors or stop working after a while?


Solution

  • Verification status: Not published

    It means that the consent screen is new. When you create a new Google Cloud Project, you have to create a new consent screen, which initially exists in an indeterminate state about its verification status, hence the "not published" instead of "not verified".

    When you add a sensitive scope and save the consent screen (or upload an icon that the users will see on the screen), it has to be reviewed to ensure you do not have malicious intent, therefore the status changes to "needs verification".

    After you go through the OAuth client verification process, the status changes to "published" in case of review success.

    To sum up, there are three "states" in which a project verification status can be:

    1. Initial = "not published"
    2. Unverified = "needs verification"
    3. Verified = "published"

    The current documented definition of an unverified app confirms that leaving the project in the initial state, if one does not have sensitive or restricted scopes, should not lead to a warning screen:

    "An unverified app is an app or Apps Script that requests a sensitive or restricted OAuth scope, but hasn't gone through the Google verification process."