Reputation: 9685
Google Drive: What combination of scopes lets an app read existing files but not have edit/delete privileges?
I've found that with https://www.googleapis.com/auth/drive scope, my app can read all existing files (and their contents) in a Google Drive, but when I auth the app, it says that this scope can also delete files in the drive and I don't want to grant that.
I know that by itself https://www.googleapis.com/auth/drive.file only allows the app to read files created by the app itself or especially granted access.
I've tried other combinations, but can't find one where the the app can read the contents of any file I can see, but can't delete anything. This is the closest I've come:
https://www.googleapis.com/auth/drive.metadatahttps://www.googleapis.com/auth/drive.filehttps://www.googleapis.com/auth/drive.activityhttps://www.googleapis.com/auth/documents
Is there a combination that will achieve my goal?
Upvotes: 3
Views: 972
Answers (3)
Reputation: 117281
There isn't one if you have access to read and write to a file then you will also have access to delete that file.
Its how they have permissions setup.
If you don't want to upload and only download try drive readonly. scopes#drive
Upvotes: 0
Reputation: 455
If you're not intending to create any files or save any data to Drive, then you have the https://www.googleapis.com/auth/drive.readonly scope.
Note that this is a restricted scope that will grant your app with read-only access to the user's entire Drive, but it will also prevent your app from creating any new files or editing existing ones.
If you want your application to be able to access the entire Drive, and you're planning to release your app to the public, you should submit your application to a restricted scope verification and security assessment; otherwise your app will be limited to 100 users, and users will see a warning while your app is unverified.
Here's more information:
- OAuth 2.0 Scopes for Google APIs - Drive API, v3
- Additional Requirements for Specific API Scopes section in the Google API Services User Data Policy
- OAuth API verification FAQs
Upvotes: 0
Related Questions
- Google Drive api scope and file access (drive vs drive.files)
- Google Drive Sync + Read-only access
- Using Google Drive API to edit other user's files
- Manage Google Drive files through App Engine
- What is considered as a "file access" on Google Cloud Storage?
- Google Drive Public File Permissions
- Google Drive permission "add but not edit"
- Google Drive API for Android - Only Drive.SCOPE_FILE access, need read only
- Access to read/write of user google drive data
- Google Drive SDK Permissions by file/folder