My web app needs multiple OAuth consent screen. Do I have to create another project to create another consent screen?

Question

I have a web app that uses Google Drive API and the end user can choose whether they want to give full access or read-only access (this is crucial). To my knowledge, you can only create a single OAuth consent screen per project. Since I can't dynamically change the scopes of the screen, does this mean I have to create a new project just for a new OAuth consent screen?

Answer 1

You only need a single OAuth consent screen, and a single production project on Google cloud console. The fact of the matter is that the verification team is not going to be happy verifying your app with two different projects, as was recommended in another answers.

The instructions from google is each app should have one project for production and one for test / development, the first being verified.

When your app requests authorization of the user you pass the scopes that you request the user to access. What you can do is have two separate buttons one to request read-only access and one to request write access. The user can then pick which one they want to grant your application access to. Each button requesting the scope that you wish.

If the user changes their mind after granting you read only access and now wants to grant you write access, then you need only include granted scopes pram when you have them grant you access to the new scopes.

consent screen

Remember that the scopes you configure in the consent screen are just for the verification teams information. They do not effect what is shown in your application when the user clicks consent. That is configured in your code.