Google API Services User Data Policy Updated

Setting Expectations for Accessing User Data via OAuth

         

engine

4:20 pm on Sep 22, 2016 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Google has recently published an updated version of its API services user data policy which anyone using Google's APIs and data via OAuth should know about.
Here's a link to the new policy
[developers.google.com...]

Google is also increasing security via OAuth 2.0 token revocation. From October 5, Google explains what will happen to users...
...users in a Google Apps domain, while changing their passwords on or after this date, will result in the revocation of the OAuth 2.0 tokens of apps that access their mailboxes using Gmail-based authorization scopes.


Applications will continue to work if there is no change.

Google asks that developers modify the applications to handle HTTP 400 or 410 errors following revoked tokens so that users are prompted to go through OAuth and re-authorize the apps to access the mailbox.
To achieve the security benefits of this policy change with minimal admin confusion and end-user disruption, we’ve decided to limit its application to mail scopes only and to exclude Apps Script tokens. Apps installed via the Google Apps Marketplace are also not subject to the token revocation.
Increased account security via OAuth 2.0 token revocation
[googleappsdeveloper.blogspot.com]


It really is worth developers reading this and being aware of the issue to head off calls and problems before they crop up after the date of change.
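Added example, not part of the original post and not Google's code: one way an app could tell a revoked Gmail-scope token apart from other refresh failures and send only that case back through consent. It assumes a revoked refresh token shows up as HTTP 410, or as HTTP 400 with the OAuth 2.0 `invalid_grant` error; `MailboxGrant` and the function names are hypothetical, and the replies are constructed.

```python
import json
from dataclasses import dataclass
from typing import Optional

OK, REAUTHORIZE, RETRY, FAIL = "ok", "reauthorize", "retry", "fail"


def classify_refresh_response(status: int, body: str) -> str:
    """Map a token-endpoint reply to a refresh request onto one action."""
    if status == 200:
        return OK
    try:
        error = json.loads(body).get("error", "")
    except (ValueError, AttributeError):
        error = ""  # empty or non-JSON body
    # Revoked grant: 410, or 400 carrying invalid_grant (RFC 6749, 5.2).
    if status == 410 or (status == 400 and error == "invalid_grant"):
        return REAUTHORIZE
    # Transient server-side trouble: keep the token and back off.
    if status == 429 or status >= 500:
        return RETRY
    # Any other 4xx (invalid_client, invalid_request, ...) is an app-side
    # fault; sending the user through consent again would not fix it.
    return FAIL


@dataclass
class MailboxGrant:
    """Hypothetical per-user record of a Gmail-scope grant."""
    user: str
    refresh_token: Optional[str]
    needs_consent: bool = False

    def on_refresh_reply(self, status: int, body: str) -> str:
        action = classify_refresh_response(status, body)
        if action == REAUTHORIZE:
            # Drop the dead token so it is neither retried nor kept at rest,
            # and flag the account so the UI restarts the OAuth consent flow.
            self.refresh_token = None
            self.needs_consent = True
        return action


if __name__ == "__main__":
    # Constructed replies, not captured traffic.
    grant = MailboxGrant("user@example.com", "constructed-refresh-token")
    print(grant.on_refresh_reply(503, ""), grant.needs_consent)
    print(grant.on_refresh_reply(400, '{"error": "invalid_grant"}'), grant.needs_consent)
```

Keeping the 5xx and other-4xx cases separate avoids prompting users for consent when the token is still valid.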