
Google OAuth scope for sending mail

Using Google OAuth2, the following scope is used to get API access to a user's email: https://mail.google.com/

Testing the scope via OAuth 2.0 Playground confirms that the app wants to "View and manage your email":


Is there a way to only ask for access to send emails on behalf of the user? A more specific scope perhaps?

Jonas Bylov asked Sep 30 '13 19:09



1 Answer

The scope is the same if you use OAuth through SMTP or IMAP. But Google released a new set of scopes (https://developers.google.com/gmail/api/auth/scopes) for Gmail API access. Here they are:

  1. https://mail.google.com/ Full access to the account, including permanent deletion of threads and messages. This scope should only be requested if your application needs to immediately and permanently delete threads and messages. All other actions can be performed with less permissive scopes.
  2. https://www.googleapis.com/auth/gmail.modify All read/write operations except immediate, permanent deletion of threads and messages.
  3. https://www.googleapis.com/auth/gmail.readonly Read all resources and their metadata. No write operations.
  4. https://www.googleapis.com/auth/gmail.compose Create, read, update, and delete drafts. Send messages and drafts.
  5. https://www.googleapis.com/auth/gmail.send Send messages only. No read or modify privileges on mailbox.
  6. https://www.googleapis.com/auth/gmail.insert Insert and import messages only.
  7. https://www.googleapis.com/auth/gmail.labels Create, read, update, and delete labels only.
  8. https://www.googleapis.com/auth/gmail.metadata Read resources metadata including labels, history records, and email message headers, but not the message body or attachments.
  9. https://www.googleapis.com/auth/gmail.settings.basic Manage basic mail settings.
  10. https://www.googleapis.com/auth/gmail.settings.sharing Manage sensitive mail settings, including forwarding rules and aliases. (GSuite only)

You can try using the 5th one and see if it works for you.

Kumar answered Sep 29 '22 15:09
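An added example, not part of the answer above and not Google's own code: it builds a consent URL that requests only the gmail.send scope, then audits the `scope` field of a token response to confirm nothing broader was granted. The client ID, redirect URI and token responses are constructed placeholders, and the helper names are hypothetical.

```python
import secrets
from urllib.parse import urlencode

AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
SEND_ONLY = "https://www.googleapis.com/auth/gmail.send"

# Scopes from the list above that also allow sending but grant more than that.
BROADER_SEND_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail.modify",
    "https://www.googleapis.com/auth/gmail.compose",
}


def build_consent_url(client_id, redirect_uri, state=None):
    """Build an authorization-code request that asks for gmail.send only."""
    params = {
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "scope": SEND_ONLY,
        # Unpredictable state value, to be compared when the redirect returns.
        "state": state or secrets.token_urlsafe(16),
    }
    return AUTH_ENDPOINT + "?" + urlencode(params)


def audit_granted_scopes(token_response):
    """Return (can_send, excess) for the space-delimited 'scope' field.

    excess lists every granted scope other than gmail.send, i.e. access
    a send-only application does not need.
    """
    granted = set(token_response.get("scope", "").split())
    can_send = SEND_ONLY in granted or bool(granted & BROADER_SEND_SCOPES)
    excess = sorted(granted - {SEND_ONLY})
    return can_send, excess


if __name__ == "__main__":
    # Placeholder client ID and redirect URI; token responses are constructed.
    print(build_consent_url("CLIENT_ID.apps.googleusercontent.com",
                            "https://app.example/oauth/callback"))
    for resp in ({"scope": SEND_ONLY},
                 {"scope": "https://mail.google.com/ " + SEND_ONLY},
                 {"scope": "https://www.googleapis.com/auth/gmail.readonly"}):
        print(audit_granted_scopes(resp))
```

A non-empty `excess` list on a send-only integration means the token can do more than the application needs, so the consent request should be narrowed and the token reissued.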