Google oauth scopes list.
Jun 4, 2025 · An authorization scope is an OAuth 2.
Google oauth scopes list 0 to limit an application's access to a user's account. Jun 4, 2025 · For more information, see Granular OAuth consent in Google Apps Script IDE executions. The granular OAuth consent screen lets users specify which individual OAuth scopes they want to authorize. Jul 19, 2013 · When you request authorization from a user, you need to specify what you would like the user to consent to. Scopes are your app's requests to work with Google Workspace data, including users' Google Account data. Review the scopes listed in each of the three sections: non-sensitive scopes, sensitive scopes, and restricted scopes. Open Oauth Consent Screen from API Credentials and click Data Access. Go to Credentials on the OAuth Consent Screen configuration page. The Verification OAuth API Verification FAQ contains the current list of Sensitive and Restricted scopes. For any scopes listed in the "Your sensitive scopes" or "Your restricted scopes" sections, try to identify alternative non-sensitive scopes to avoid Jun 4, 2025 · An authorization scope is an OAuth 2. com Understanding OAuth endpoints; Requesting tokens and codes; Customizing tokens and codes; Revoking and approving tokens; Revoking tokens by end user ID and app ID; Revoking and approving consumer keys; Sending an access token; Verifying access token; Working with OAuth2 scopes; Using third-party OAuth tokens; Hashing tokens for extra security May 19, 2012 · I cannot find documentation covering the complete list of scopes that are available and what information is accessible within each scope - does anyone know if such a thing exists? oauth-2. 0 scopes that you might need to request to access Google APIs, depending on the level of access you need. This is what the list of scopes is used for - it controls the text the user sees when they authorize your application, and the refresh / access tokens granted by that authorization are limited to making API calls that are allowed by those Scope is a mechanism in OAuth 2. 0 Scopes for Google APIs. Jun 10, 2025 · When you use OAuth 2. Tip: If you want to view only the restricted scopes, see the Google Cloud Consoles's Restricted Scopes page. 0 to get permission from a Google Account to access their data, you use strings called scopes to specify the type of data you want to access on their behalf. Granular OAuth permissions give users more fine-grained control over what account data they choose to share with each script. Go to Scopes for Google APIs and delete the overly broad scope. If your app requests scopes categorized as sensitive or restricted , you probably need to complete the verification process unless your app's use qualifies for an Apps that request access to scopes categorized as sensitive or restricted must complete Google's OAuth app verification before being granted access. . Dec 19, 2024 · Where SCOPES is a comma separated list of OAuth scopes requested, for example: Consult the full list of Google OAuth scopes to find which scopes you need. About OAuth and OAuth scopes The new console UX has made it clearer. You should see the scopes you added included in the corresponding table in the scopes page depending on the scope classification. An application can request one or more scopes, this information is then presented to the user in the consent screen, and the access token issued to the application will be limited to the scopes granted. May 19, 2025 · This document lists the OAuth 2. Click Submit for verification View OAuth grant activity by product, scope, or user. google. When you add scopes to your project, scope categories (non-sensitive, sensitive Jun 4, 2025 · An authorization scope is an OAuth 2. Applications use a credential (obtained from a user-centric or server-centric authentication flow) together with one or more scopes to request an access token from a Google authorization server to access protected resources. 6 days ago · In most cases you can let Apps Script detect these scopes and update the manifest automatically. Sensitive scopes require review by Google and have a sensitive indicator on the Google Cloud Console's OAuth consent screen configuration page. Sign in to the Google Cloud Console. 5 days ago · OAuth 2. 0 google-authentication Jan 31, 2025 · To learn about working with OAuth scopes, see Configure OAuth for your application. The following table shows a list of scopes that Google Workspace add-ons often use: Remove the scope from your project's OAuth consent screen configuration page in Google Cloud Console. When your app is installed, a user is asked to validate the scopes used by the app. 0 uses scopes to determine if an authenticated identity is authorized. A complete list of Google APIs and their corresponding scopes can be found in the OAuth 2. For a list of all resource groups and OAuth scopes supported by a particular service, see the schema reference page for that service. These scopes provide wide access to Google user data and require you to go through a scope verification process before you request the scopes from any Google Account. Select the project ID. ADD OR REMOVE SCOPES opens a side panel listing scopes for all the enabled APIs in the project. 0 endpoint until it is verified Jun 10, 2025 · Restricted scopes are fewer in number compared to sensitive scopes. To generate a spreadsheet with the report’s data, click Download . Note: If a new sensitive or restricted scope is added to a list of verified scopes, do not immediately include this scope in the list of scopes in your request to the Google OAuth 2. At the bottom, you can see OAuth grant activity by product (app), scope, or user. Many scopes overlap, so it's best to use a scope that isn't Jun 4, 2025 · For a list of available scopes, see OAuth 2. 0 URI string that contains the Google Workspace app name, what kind of data it accesses, and the level of access. To filter the information, click App, Scope, or User. When editing your manifest's scope list, do not remove any scopes unless you are replacing them with a more appropriate alternative, such as a narrower scope. See full list on support. eyqgtlfjhyyzokulafglgcqknznezgpgtfyicitpdcwthweiwtgqruudqvy