Reputation: 562
Gmail API - Scope
I am using a service account and domain wide delegation described here and I am able to get all emails from all email accounts on that specific domain. The scope that I am using is
Is there any way that I can exclude some email accounts (for example admin email accounts) from the whole domain? Is there a different procedure in order to achieve this?
To further clarify what I mean here is an example of what I want to do:
the service account will be able to access [email protected] , [email protected] but not [email protected]
Thanks!
Upvotes: 1
Views: 214
Answers (1)
Reputation: 13528
It's not possible to remove access to some accounts when doing domain-wide authorization with service accounts. It's all or nothing. If your security requirements forbid direct access to some portion of domain accounts you'll need to use regular OAuth 2.0 authentication, not a service account.
Upvotes: 2
Related Questions
- Gmail api scope & format mismatch
- Access gmail email with oauth for intranet webapp
- Why is this scope expressed as a URI?
- Gmail API google.auth.exceptions.RefreshError Invalid scope
- Google OAuth scope for sending mail
- How to get OAuth access to GMail?
- Gmail Api Mail Read Reciept
- Gmail API read metadata only scope
- Google-oauth2 authorization process
- OAuth 2.0 with GMAIL API using