Google App Engine Cloud Endpoints OAuth 2.0 Scopes

Question

I'm trying to follow the following guide: https://developers.google.com/appengine/docs/java/endpoints/auth

I've followed the steps and added the client id and the User parameter which when null I throw an OAuthRequestException exception.

When I deploy to Google and access the API using the API Explorer I get the expected unauthorised exception when accessing the API without OAuth. Great everything works so far!

It suggests to switch the OAuth 2.0 toggle. I do this and I get a message saying:

* API does not declare any scopes. You can manually add scopes using the box below

the message also directs me to: http://code.google.com/apis/accounts/docs/OAuth2.html to learn more about Scopes.

But there is very limited information about scopes on that suggested page. I'm new to OAuth and despite searching Google and StackOverflow I'm not sure what a scope is? How do I declare on in the API? When I manually add something to the API explorer prompt I get an error message saying it is an invalid_scope. So what is a valid scope?

Answer 1

For authentication to work with cloud endpoints you will need to request this scope:

https://www.googleapis.com/auth/userinfo.email

The cloud endpoints library needs the user's email address to create a User entity from it.

See https://developers.google.com/appengine/docs/java/endpoints/consume_js#adding-oath-authentication for reference.