Hi!
I’m trying to implement a Google Workspace connection, with custom scopes. The logic of my application is as follows:
All users log in through Google Workspace connection, and then there is a separate page for the user with admin rights on the site with a button to give the Google app additional rights (organization permissions) to further use admin refresh token to work with google admin sdk api. And I could redirect from this button to the link taken in Google Workspace → Setup, but it seems to contain a static set of scopes that I can’t edit, namely:
- https://www.googleapis.com/auth/admin.directory.user.readonly
- https://www.googleapis.com/auth/admin.directory.group.readonly
- email.
However, I also need https://www.googleapis.com/auth/admin.directory.resource.calendar permission for my application to work.
I found that I can edit scope through management api using upstream_params, but they are acting for all users, but not for the only link from Google Workspace → Setup.
Is there any way to add this additional scope https://www.googleapis.com/auth/admin.directory.resource.calendar to the admin authorization request in Google Workspace?