Tags: google-cloud-platform, oauth-2.0, google-oauth

Best practice: Should I have separate OAuth client credentials for each user, or should I just have one or a few per app?


I'm using an app from GCP (Google Cloud Platform) for one of my desktop apps. I need to authenticate the user through an OAuth credential to use that app on GCP. For that purpose, I created one credential now and it works fine in the testing environment. However, there will be many users of my app, and now I have questions on how to programmatically create credentials for each user. So the question before doing that is:

  • Is it best practice to create separate OAuth client credentials on a per-app basis? In this case, I can manage the credentials in the GCP console as there will be only a few credentials.

  • Or is it best practice to create separate OAuth client credentials on a per-user basis? In this case, I will need to programmatically create credentials per user, e.g. via a REST API. How can I do this programmatically?


Solution

  • Your architecture is a bit unclear (what do you mean exactly by "using an app from GCP"?), but I understand that you are trying to authenticate users from a desktop application you are developing in order to interact with Google APIs as the authenticated user.

    In that scenario, you would typically need to create a single OAuth client ID to authenticate the application itself. The application will then ask the end-user to authenticate using their own credentials in order for your app to retrieve an access token it can use to call the relevant APIs.

    You can find more details on the authentication flow in the documentation here: https://developers.google.com/identity/protocols/oauth2/native-app
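To make the recommended shape concrete, here is an added example (not from the answer above or from Google's libraries) of the client side of the native-app flow: one application client ID, a per-user PKCE verifier and state, a loopback redirect, and a check of the callback before the code is exchanged. The client ID, redirect URI and scopes are placeholder values.

```python
import base64
import hashlib
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Google endpoints used by the native-app (installed application) flow.
AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token"


def make_pkce_pair(verifier=None):
    """Return (code_verifier, code_challenge) using the S256 method of RFC 7636.

    A fresh verifier is generated for every user login; it never leaves the app.
    """
    if verifier is None:
        verifier = base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode()
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode()
    return verifier, challenge


def build_auth_url(client_id, redirect_uri, scopes, state, code_challenge):
    """Authorization request: the single app client ID identifies the app, the user consents."""
    params = {
        "client_id": client_id,            # one ID for the whole application
        "redirect_uri": redirect_uri,      # loopback address, e.g. http://127.0.0.1:<port>
        "response_type": "code",
        "scope": " ".join(scopes),
        "state": state,                    # random, bound to this user's login attempt
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
    }
    return f"{AUTH_ENDPOINT}?{urlencode(params)}"


def parse_redirect(callback_url, expected_state):
    """Extract the authorization code from the loopback callback; reject a state mismatch."""
    query = parse_qs(urlparse(callback_url).query)
    if query.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: stale or forged callback")
    if "error" in query:
        raise ValueError(f"authorization failed: {query['error'][0]}")
    return query["code"][0]


def token_request_body(client_id, redirect_uri, code, code_verifier, client_secret=None):
    """Form body POSTed to TOKEN_ENDPOINT; the verifier proves this app started the flow.
    Google's installed-app flow also sends client_secret, which is not confidential for native apps."""
    body = {"client_id": client_id, "redirect_uri": redirect_uri,
            "grant_type": "authorization_code", "code": code, "code_verifier": code_verifier}
    if client_secret is not None:
        body["client_secret"] = client_secret
    return body
```

The access and refresh tokens returned by the exchange are what differ per user; the client credential stays the same for every installation.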