We are currently under verification of our application. We are reviewing all the scopes that have been granted for our app.
For example, in Gmail API we are currently approved for the following scopes by Google Team before. We are currently evaluating whether we need other scopes.
Restricted scopes | Gmail API | https://mail.google.com/ | Read, compose, send, and permanently delete all your email from Gmail |
Restricted scopes | Gmail API | .../auth/gmail.modify | Read, compose, and send emails from your Gmail account |
Restricted scopes | Gmail API | .../auth/gmail.insert | Add emails into your Gmail mailbox |
Restricted scopes | Gmail API | .../auth/gmail.compose | Manage drafts and send emails |
Furthermore, we found that in our app when the users are prompted for access in the "Consent Screen", they were only prompted for this scope:
https://mail.google.com/ - Read, compose, send, and permanently delete all your email from Gmail
Are there any dependencies between scopes? Let's say we removed ".../auth/gmail.compose" from our scopes, will that cause an error because "https://mail.google.com/ " might be dependent on the preceding scope mentioned?
If we remove the other scopes from our app verification and asked the Google Team to approve it, will that throw an error on our already released app? We are worried that it may affect some of our users who rely on Google Services.
Thanks to anyone for replying and your help.