4

I'm configuring the scopes that my application requires for accessing Google and I can't find the difference between those two:

  1. https://www.googleapis.com/auth/userinfo.email
  2. https://www.googleapis.com/auth/userinfo.profile

In the documentation we can see the following:

https://www.googleapis.com/auth/userinfo.email View your email address https://www.googleapis.com/auth/userinfo.profile View your basic profile info

However, when I access userinfo via api-client-library I get all the info even in case I don't request one of the scopes. 

com.google.api.services.oauth2.Oauth2#userinfo

Returns complete object. Event if I don't use email scope, email is still returned. But, if I don't use both of the scopes - access is restricted and call fails. The question is what's the difference between these two scopes and which one is preferable?

Improve this question

1 Answer 1

Reset to default
0

https://developers.google.com/identity/protocols/oauth2/scopes#google-sign-in

Google Sign-In Scopes

profile: View your basic profile info.

email: View your email address.

openid: Authenticate using OpenID Connect.

Basic Profile: ID, Full name, Given Name, Family Name, Image URL.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.