What is throwing me off here is the keyword additional . Users are seeing this screen every time they sign in with Google. Shouldn't they only see it once (the first time)?
I'm using the Google 3P Authorization JavaScript Library for websites .
I followed this documentation in my implementation.
It just seems weird to me that the screen says "additional access" but then doesn't list any additional permission requests.
Anyone have any idea what could be causing this? Or is this the expected behavior?
I think that is caused by the selected scopes. An scope is the set of resources and operations that an access token permits. Reading the documentation you followed, it has been selected an scope to be able to read the calendar:
function initClient() {
client = google.accounts.oauth2.initCodeClient({
client_id: 'YOUR_CLIENT_ID',
**scope: 'https://www.googleapis.com/auth/calendar.readonly',**
But the default scope is email ( https://www.googleapis.com/auth/userinfo.email ) and profile ( https://www.googleapis.com/auth/userinfo.profile ) so this is why that screen appears and asks for additional access. Try to change the scope, please.
More information about google OAuth scopes: https://developers.google.com/identity/protocols/oauth2/scopes#oauth2
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.