search

SCRT-HQ / PSGSuite

Powershell module for Google / G Suite API calls wrapped in handy functions. Authentication is established using a service account via P12 key to negate the consent popup and allow for greater handsoff automation capabilities
https://psgsuite.io/
Apache License 2.0
234 stars 66 forks source link

Option to limit OAuth permissions? #277

Closed jeffreymcclain closed 4 years ago

jeffreymcclain commented 4 years ago

Hi, I am using a free / non-admin Google account, I followed your initial setup instructions listed here. However, when performing the "First-time authentication" step, I was a bit concerned about the permissions that your module requests.

I am sure your module is legitimate, but would it be possible to only grant specific permissions related to my use case? For example, I literally only want to read data from Google Sheets, so for the OAuth consent screen part of the instructions, I only added spreadsheets readonly rather than everything. However, for the "first-time authentication" step, I don't see an option to only grant said permission (it's not even in the list).

edit: Manually editing the generated url scope to "&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fspreadsheets.readonly" worked.

FISHMANPET commented 4 years ago

Those are all the permissions the project has, the link in that guide will enable all those APIs by default. If you go to the Dashboard for that project, at the bottom will be a list of APIs, you can click through to those and disable them. Otherwise you can make a new project from the console and only enable the APIs you want.

On Wed, Apr 15, 2020 at 2:10 PM Jeffrey McClain notifications@github.com wrote:

Hi, I am using a free / non-admin Google account, I followed your initial setup https://psgsuite.io/Initial%20Setup instructions listed here. However, when performing the "First-time authentication" step, I was a bit concerned about the permissions https://i.imgur.com/cwFweYC.png that your module requests.

I am sure your module is legitimate, but would it be possible to only grant specific permissions related to my use case? For example, I literally only want to read data from Google Sheets, so for the OAuth consent screen part of the instructions, I only added spreadsheets readonly https://www.googleapis.com/auth/spreadsheets.readonly rather than everything. However, for the "first-time authentication" step, I don't see an option to only grant said permission (it's not even in the list).

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/SCRT-HQ/PSGSuite/issues/277, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB3SYZZZ556ZPV25NER7HELRMYBBHANCNFSM4MI2QMKQ .

jeffreymcclain commented 4 years ago

Thanks for the tip, I'll remove the other APIs manually for now and create a clean project later.