Memberships that naturally map to Groups/Drives instead of User.
Membership naturally maps to Groups (SCIM terminology) for some target systems like Google instead of User (SCIM terminology).
This means, when there is a request to fetch user details - for every user, we need to query all the Drives and Groups to fetch the Permissions/Memberships for the user every time, which is an expensive operation. To improve performance, we should associate Groups/Drives with Membership. Since we are not doing that, How to avoid querying all Groups/Drives while mapping for Groups to Users?
Currently, we control this by allowing group membership modification using PATCH only and also limiting this query to only the cases where the membership is explicitly requested.
Move authentication to key-less authentication
Currently we use p12 keys to create trusted connection to google using service accounts. The latest Workload Identity Federation provides better security by issuing short term tokens instead of long term certificates. This is recommended since it provides better security over certificates.