Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Google Sign In - Asking for fewer Permissions

Tags:

google-api

google-plus

google-signin

google-oauth

I'm using the Google+ Sign In button on my website so that users don't need to create a user account. I'm not interested in any of the social aspects of the Google+ button (for now).

I want the user to be presented with something like this: enter image description here

But instead they're presented with something like this: enter image description here

Which I feel will bounce some potential new users. How do I preset the user with the top screenshot?

I'm setting the sign-in button attribute to: data-scope="https://www.googleapis.com/auth/userinfo.email" or ...plus.me but it seems that plus.info is getting included regardless. Which means my users are asked for all the extra permissions.

I've read this post: Sign in with google, but not google+ but...

This Google page and this Google page recommend the Google+ Sign In button over other sign in methods. And since one day I might want to use the social features, that makes sense to me.

So, am I doing something dumb? Is there a way to use the Google+ Sign In button without asking for all the permissions in the second screenshot?

like image 636
David Gilbertson Avatar asked Aug 22 '13 22:08

David Gilbertson

People also ask

How to get permission for google Search?

To add a new user or delegated ownerClick Users & permissions. Enter the Google Account name (email) of the new user. ⚠️Users must have a Google Account, and email groups cannot be added as a user or owner. Choose the permission level (role) to grant the user.

1 Answers

The permissions that are listed in the consent dialog are tied to the scopes that you request. The difference in your example is the difference between plus.me and plus.login. If you are using a traditional OAuth 2.0 login flow, you can simply switch the scope you are using to reflect the fact that you are not requesting additional user data. However, if you are using the Google+ Sign-In button, the plus.login scope is automatically included, as it is the scope that enables the extra features that come with Google+ Sign-in.

Learn more about scopes at https://developers.google.com/+/api/oauth#scopes. And, if you do not wish to use the additional features of Google+ Sign-In, you can learn more about the OAuth 2.0 flows at https://developers.google.com/accounts/docs/OAuth2.

like image 106
Joanna Avatar answered Sep 30 '22 02:09

Joanna
Sign in to Comment

Related questions

YouTube-API upload files without any error (C#)
What is the maximum allowed expiration time for a Google notification channel?
how to call getBasicProfile() of google to google signin on only button click?
Getting Gmail Inbox using node.js and google-api
How can I get file's 'lastModified' in Google Drive API v3?
Google Drive API v3 use JSON instead of P12 (Service Account) - Unexpected character
Google Map API key error "Your site URL to be authorized"
Google Admin SDK 403 Not Authorized to Access this Resource/API
Access Not Configured. +1 API
Drive API sharingRateLimitExceeded error
how do I send a context parameter to the webhook/fulfilments DialogFlow v2
How to manipulate an object of Google Ads API's Enum class - python
google api refresh token returns null with react-google-login
Google Geocoding API request with cURL denied. I have an API key associated to a project with billing enabled
How to enable new "read it" function of Google Assistant API with Python?
Single oauth token and secret to access multiple services from google
Google Transit API bus stops in route invisible and on the map disabled
How to access Google search right hand side data programmatically?
How to set a popup on markers with Google Maps API?
How does Pokèmon Go uses custom Google map using Google Map API?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!