Auth0 Home Blog Docs

Google social login contacts permissions

google
permissions
google-endpoints

#1

In the social connections > Google > permissions setup in auth0, there is an option to request permissions to a user’s google contacts. That permission setting seems to resolve to the google scope https://www.googleapis.com/auth/contacts.

That scope requests full contact management permission. In reviewing my permission requests, Google has suggested I use the READ-ONLY contacts scope:
https://www.googleapis.com/auth/contacts.readonly

I agree, and only want to request read-only contacts permissions of my users, but I don’t see a way to do that in auth0.

Is there any way to request read-only contact permissions instead of full management permissions?


#2

You should be able to accomplish that by not selecting the scope in question through the dashboard and then request the scope you actually need through a parameter. In particular, according to this documentation you can use the connection_scope parameter to include the read-only scope that you want to be requested from Google.


#3