Google Oauth removing scopes from access

Let's say I have an application and my application has been running for years requesting access of users. The application in question was requesting way more access than was needed, or the application has been changed and no longer needs some of the scopes which it is requesting.

The offending scopes have been removed so new users are no longer prompted for access that we don't need.

However, we now have a number of older users whose refresh tokens grant us access which we don't need. I would like to fix this by removing the no longer needed scopes from their authorization. The easiest solution would probably be to just revoke their tokens and require that they re-authorize; however, I think this would be unacceptable to the customers.

Examples of scopes:

https://www.googleapis.com/auth/analytics View and manage your Google Analytics data

The application is asking for full access. The application doesn't need full access.

https://www.googleapis.com/auth/analytics.readonly View your Google Analytics data

Is it possible to remove scopes from authorization? I know it's possible to request additional permissions but I haven't been able to find a way of removing excessive permissions.

DaImTo asked Oct 17 '22 13:10


1 Answer

You can explicitly set the scopes your script project uses by editing its manifest file. The manifest field oauthScopes is an array of all scopes used by the project. To set your project's scopes, do the following:

  1. Open the script project in the Apps Script editor.
  2. In the menu, select File > Project properties.
  3. Select the Scopes tab.
  4. Review the scopes your script currently requires and determine what changes need to be made. Click Cancel when finished.
  5. If the manifest file appsscript.json isn't visible in the left nav bar, select the View > Show manifest file menu item.
  6. Select the appsscript.json file in the left nav to open it.
  7. Locate the top-level field labeled oauthScopes. If it is not present, you can add it.
  8. The oauthScopes field specifies an array of strings. To set the scopes your project uses, replace the contents of this array with the scopes you want it to use. For example:

[Image: example oauthScopes array]

  9. Save the manifest file using Ctrl+S or the Save file icon in the menu bar.

More info here: https://developers.google.com/apps-script/concepts/scopes

DannyFeliz answered Oct 20 '22 23:10
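
An added example, not part of the question or the answer above: a small least-privilege audit that reads the oauthScopes array from a manifest and lists which stored user grants still carry scopes beyond what the application needs. The required-scope set, the sample manifest, the per-user grant records and the user ids are all constructed assumptions.

```python
import json

# Assumption: the only scope the application needs today.
REQUIRED = {"https://www.googleapis.com/auth/analytics.readonly"}

# Constructed sample appsscript.json using the oauthScopes field from the answer.
MANIFEST_JSON = """{
  "timeZone": "Etc/UTC",
  "oauthScopes": ["https://www.googleapis.com/auth/analytics.readonly"]
}"""

# Constructed sample: space-delimited scope strings recorded per user when each
# refresh token was issued. The user ids are hypothetical.
STORED_GRANTS = {
    "user-old": "https://www.googleapis.com/auth/analytics",
    "user-new": "https://www.googleapis.com/auth/analytics.readonly",
}

def _base(scope):
    """Strip a trailing .readonly to get the broader sibling scope."""
    suffix = ".readonly"
    return scope[:-len(suffix)] if scope.endswith(suffix) else scope

def audit(granted, required=REQUIRED):
    """Return scopes held beyond the required set, and required scopes not covered."""
    granted = set(granted)
    # Assumption: a broad scope X also covers X.readonly, as with the
    # analytics / analytics.readonly pair in the question.
    covered = {r for r in required if r in granted or _base(r) in granted}
    return {"excess": sorted(granted - required),
            "missing": sorted(required - covered)}

def manifest_scopes(manifest_json):
    """Read the top-level oauthScopes array from a manifest document."""
    return json.loads(manifest_json).get("oauthScopes", [])

def overprivileged_users(grants, required=REQUIRED):
    """Map each user to the excess scopes their stored grant still carries."""
    report = {}
    for user, scope_string in grants.items():
        excess = audit(scope_string.split(), required)["excess"]
        if excess:
            report[user] = excess
    return report

if __name__ == "__main__":
    print("manifest:", audit(manifest_scopes(MANIFEST_JSON)))
    print("users with excess scopes:", overprivileged_users(STORED_GRANTS))
```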