All geek questions in one place

Request lower permissions with Google+ Sign In

I use the Google+ button on my website so that users do not need to create a user account. I'm not interested in any of the social aspects of the Google+ button (for now).

I want the user to have something like this: enter image description here

But instead, they are presented with something like this: enter image description here

What I feel will bring up some potential new users. How to configure the user using the top screenshot?

I set the login button attribute: data-scope="https://www.googleapis.com/auth/userinfo.email" or ... plus.me , but it seems that plus.info getting enabled independently. This means that my users are requesting all additional permissions.

I read this post: Log in to Google, but not Google + , but ...

This Google page and this Google page recommend the Google+ login button on top of other tags. And since one day I want to use social functions, it makes sense to me.

So am I doing something dumb? Is there a way to use the Google+ login button without asking for all the permissions in the second screenshot?

+4
source share
1 answer

The permissions specified in the consent dialog box are tied to the requests you request. The difference in your example is the difference between plus.me and plus.login . If you use the traditional OAuth 2.0 login flow, you can simply switch the area you use to reflect the fact that you are not requesting additional user data. However, if you use the Google+ sign-in button, the plus.login area plus.login automatically turned on, as this is an area that allows you to add additional features that are part of the Google+ system.

Learn more about areas at https://developers.google.com/+/api/oauth#scopes . And if you don’t want to use the additional Google+ login features, you can learn more about OAuth 2.0 streams at https://developers.google.com/accounts/docs/OAuth2 .

+6
source

Source: https://habr.com/ru/post/1498503/

More articles:


All Articles