1

My app requires google calendar scope but in consent screen this permission is optional and unchecked by default and so many users missed that part.

Unchecked Calendar Scope

How can I make it as mandatory scope like this?

enter image description here

This is my code to generate auth url:

$client = new Google_Client();
$client->setApplicationName(config('app_name'));
$client->setScopes([
    Google_Service_Calendar::CALENDAR,
    'profile',
    'email'
]);
$client->setAuthConfig(config('credentials.google'));
$client->setAccessType('offline');
$client->setPrompt('select_account consent');

return $client->createAuthUrl();

Weird thing is that if I remove 'profile' and 'email' scopes it works as I expected but I also need these scopes to get user's email and name during registration.

Also my app is verified by google and other functionality (like reading user's events etc.) works fine.

Closest thread to my question is here. But accepted answer says "Users will have the ability to grant or deny permissions individually."

What is the trick behind the second image?

AmirRezaM75
  • 1,030
  • 14
  • 17

1 Answers1

0

This is the expected behavior in this situation as these are the new granular permissions implemented by Google regarding OAuth and APIs.

The new feature which is still being rolled out comes with the check boxes unchecked by default, such that the users executing the app will have to select those manually and there is no way of turning this feature off.

Reference

ale13
  • 5,679
  • 3
  • 10
  • 25
  • But how [Calendly](https://calendly.com/) does this? – AmirRezaM75 Nov 15 '21 at 16:22
  • I also check created auth url from Calendly. It has these parameters: ?access_type=offline&client_id=....&include_granted_scopes=true&prompt=select_account%20consent&redirect_uri=....&response_type=code&scope=email%20profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar&state=signup&flowName=GeneralOAuthFlow – AmirRezaM75 Nov 15 '21 at 16:25