I have a Google GMAIL API oAuth application configured. When I set this up in the Google Cloud console, I gave it access to all the gmail scopes.
However, when I initiate an oAuth consent screen, I only see an option to pick the read only scopes.
I've read that you need to verify an application if you want to have access to these scopes in production, but this is an application with a Published Status of "Testing", not production.
How can I get scopes like .../auth/gmail.labels
and .../auth/gmail.modify
to appear as selection in this oAuth screen in order to allow my application to set labels on messages?
When you request oAuth permission from a gmail application, you send a number of parameters along.
https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount?
response_type=code&
client_id=abc123
&redirect_uri=http%3A%2F%2Flocalhost%3A8082
prompt=consent&
scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fgmail.readonly%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fgmail.modify%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fgmail.labels&
access_type=offline&
service=lso&
o2v=2&
ddm=0&
flowName=GeneralOAuthFlow
The scope
parameter is where you indicate which permissions you want the consent screen to ask users for. This is a space delimited list of scopes from the Google API docs. Users will then need to explicitly check the boxes for the scopes they're giving the application.
If you're using a client library that generates this URL for you, they may offer you the ability to configure these scopes. Only your library docs know for sure.