描述
App
Google Calendar
Summary:
Restrict scope to read-only on Google Calendar Connect (managed users)
Details:
Hey team — I'm using Pipedream Connect to manage Google Calendar OAuth for end users via the official google_calendar app. I want my end users to consent to only https://www.googleapis.com/auth/calendar.readonly instead of the full default scope set (which includes calendar.events write).
Is there a way to request a subset of the official OAuth client's scopes when calling pd.connectAccount({ app: "google_calendar", token }) from the frontend SDK? Some kind of scopes or requested_scopes parameter on the Connect Token or the SDK call?
If not possible with the official client, can I configure a custom OAuth client with only calendar.readonly and have the same project use BOTH (official for some users, custom-readonly for others) — and how would the frontend pick which one to use?
Thanks!
Screenshots:
No screenshots included