Ad

Google OAuth2 - Consent Screen And Redundant Popup

- 1 answer

I'm working on a google calendar integration and everything is working as expected except of one thing: for some reason when user is redirected to the consent screen google first shows the popup asking to allow the required permissions:

enter image description here

And once user picks "deny" or "allow" the user is presented with the final consent screen where they must click "allow" or "cancel" again:

enter image description here

The question is: how do I get rid of that popup and make sure the user has to click the "allow" button only once just like in the last referencing screenshot below?

After more research I've found that there are web apps that require the same calendar integration but there is no that popup and the users are redirected straight to the final consent screen.

One more thing I've noticed is that while in my case consent screen shows checkbox while in the referenced web app there is no checkbox and user must click allow or cancel once (and in general the screen looks a bit differently):

enter image description here

Here is my code of generating the authUrl:

    //"googleapis": "^39.2.0",

    const {google} = require('googleapis/build/src/index');

    let oauth2ClientGlobal = new google.auth.OAuth2(
        "{{clientId}}",
        "{{clientSecret}}",
        "https://example.com/calendarCallback"
    )
    let authUrl = oauth2ClientGlobal.generateAuthUrl({
        access_type: 'offline',
        scope: ['https://www.googleapis.com/auth/calendar.events'],
    });
Ad

Answer

The new screens are intended behavior. Google announced that they will rollout granular permission control in 2018. See https://www.blog.google/technology/safety-security/project-strobe/ and https://developers.googleblog.com/2018/10/more-granular-google-account.html.

Ad
source: stackoverflow.com
Ad