Confirm developer and OAuth ownership before Merchant API cutover.

Identify who owns the Google Cloud project, OAuth client, Merchant Center access, and production credentials.

Review OAuth scopes, token storage, credential rotation, incident ownership, and vendor responsibility before production claims.

Keep credential proof redacted; do not store raw OAuth tokens, client secrets, customer emails, or unnecessary Merchant IDs in SEO evidence.

Attach unresolved developer registration, scope, or owner gaps as NOT_VERIFIED rather than READY.

Use staging request proof that shows Merchant API v1 calls and no Content API fallback.