I'm new to Apigee and trying to figure out if I should and how I could set up an API protected by by a user's Google account (or other common system). I'd like our Javascript UI to bounce the user off a Google provided login screen and then attach which ever tokens/keys/cookies are required to the Apigee proxy so that it can validate they have logged in to the 3rd party and extract some identifying info so that we can check their usage against a quota. The critical points are that I want end users to use an existing account and not to create a new one with Apigee or our company to use the API proxy. I will later add an alternative auth path, maybe an alternative proxy if I have to, so that developers can access the API using a key and have a different quota level based on their entire app and not be per-user. I don't believe that will affect the OAuth implemention.

What I'm struggling with now is to make sure I have the right terminology for searching out an example of this implementation.