Low-risk OAuth consumer (app) registrations should not be blocked by a human approval process. Waiting on approval for a consumer for days is disruptive to development work and often not necessary.
The current working definition of "low-risk" includes consumers which only use the following grants:
* //User identity verification only, no ability to read pages or act on a user's behalf.//
* //User identity verification only with access to real name and email address, no ability to read pages or act on a user's behalf.//
* //[[https://meta.wikimedia.org/wiki/Special:ListGrants#basic|Basic rights]]//
This is expected to be further discussed and somewhat widened over time.
See also:
* {T290790}
* {T159789} (for somehow indicating to the user that their choice of grants will result in more delay)