Over the weekend it seems the option to select gmail:readonly permissions disappeared along with other fine grained permissions, and now Auth0 only offers a blanket scope that includes all permissions whatever you select. Am I missing something here?
Indeed, for the google social connection, the permissions have transitioned from fine grained permissions to scopes which include multiple permissions.
If you have any other questions regarding the matter, please let me know!
Why @nik.baleca β https://www.googleapis.com/auth/gmail.readonly is very different from https://www.googleapis.com/auth/gmail.compose which can be destructive. Requesting blanket permissions presents a very intimidating permissions screen to the user for permissions we donβt even need.
Additionally this worked great last week so it was certainly extremely annoying to realize we might need to include more scopes with the Google Oauth review which can take up to 6 weeks. Blanket scopes and especially blanket restricted (sensitive) scopes can end up costing time and thousands of dollars in review time with Google. The change you made is not trivial at all! There is a good chance we will get rejected for requesting scopes not used in our applications.
@nik.baleca - just to reiterate. When submitting a Google App for Oauth access review, you have to demonstrate in great detail (in both text and a Youtube video), the reason for requesting each sensitive or restricted scope which is why we absolutely need fine grained permissions.
I understand you concerns regarding blanked permissions.
However, if you visit the google social connection settings, as of today, the permissions have been updated and now each specific scope can be selected individually, returning the fine grained permissions experience as before.