Ask too many Google Drive permissions when using https://www.googleapis.com/auth/drive -


my app required upload csv , convert google sheets. asking permission "https://www.googleapis.com/auth/drive" our user. of our users complain asking many permissions. there other settings can use avoid asking much?

here permission list when user authorizes:

upload, download, update, , delete files in google drive
create, access, update, , delete native google documents in google drive
manage files , documents in google drive (e.g., search, organize, , modify permissions , other metadata, such title)

what scope or scopes app need?

as general rule, choose restrictive scope possible, , avoid requesting scopes app not need. users more readily grant access limited, described scopes. conversely, users may hesitate grant broad access files unless trust app , understand why needs information.

the scope https://www.googleapis.com/auth/drive.file strikes balance in practical way. presumably, users open or create file app trust, reasons understand.

https://www.googleapis.com/auth/drive.file per-file access files created or opened app

requesting full drive scope app

full access files in user's drive (https://www.googleapis.com/auth/drive) may necessary apps. app designed sync files, instance, needs level of access drive. apps special needs related listing or reorganizing files might need full scope.

requesting drive-wide read-only scope app

read-only access of user's drive files (https://www.googleapis.com/auth/drive.readonly) may useful apps. instance, photo browser might need reorganize image files in unique presentation order slideshow, or mobile app might have work around unique display constraints without needing write anything. apps need read file metadata files in drive, there's https://www.googleapis.com/auth/drive.metadata.readonly.

requesting full drive scope during app development

one common , valid case using full scope iterative development. may easier avoid authorization-related constraints , use full scope while testing app during development. before publish app, can off file-level scope or whatever scope need production operation.

conculsion

that text ripped directly google drive scopes page use rule of thumb when developing drive applications. in case because need able upload files should consider testing little https://www.googleapis.com/auth/drive.file scope, haven't tried 1 before sounds may work in instance. unfortunately think other option besides full drive access.


Comments

Popular posts from this blog

c# - Better 64-bit byte array hash -

webrtc - Which ICE candidate am I using and why? -

php - Zend Framework / Skeleton-Application / Composer install issue -