哪些Google OAuth2范围被视为“敏感"列表? [英] Where is the list of which Google OAuth2 scopes are considered "sensitive"?
问题描述
我了解到,Google OAuth2范围大致可分为三个类别,从最不容易被批准使用的范围到最少:
I understand that Google OAuth2 scopes broadly fit into three buckets, ordered from most difficult to be approved to use, to least:
- 限制范围
- 敏感范围
- 其他一切
- Restricted Scopes
- Sensitive Scopes
- everything else
我在这里找到了受限制范围的列表: https://support. google.com/cloud/answer/9110914?hl=zh_CN
I found a list of Restricted Scopes, here: https://support.google.com/cloud/answer/9110914?hl=en
我找不到敏感范围列表.我见过的所有Google页面都简单地说明了如果您请求一个敏感范围会发生什么情况,或者如果您正在使用一个敏感范围则该如何进行审查.很好,但是什么是敏感范围 ?
I am unable to find a list of Sensitive Scopes. All of the Google pages i've seen simply explain what happens if you request a sensitive scope, or how to go about review if you are using a sensitive scope. Fine, but what are the sensitive scopes?
为什么要知道:我希望通过避免敏感范围来避免审核的麻烦.我必须重构我的许多应用程序,以避免使用受限的范围(昨天,当Google向我发送警告时,我才刚刚意识到此问题).在此过程中,我不想在不需要时第一次无意间开始使用敏感范围.
Why I want to know: I wish to avoid the hassle of review by avoiding sensitive scopes. I'm having to refactor a lot of my app to avoid using a restricted scope (I only just became aware of this issue yesterday when Google emailed me a warning). In this process, I do not wish to inadvertently start using a sensitive scope for the first time when I do not need to.
推荐答案
如果您在"OAuth同意屏幕"配置UI [1]中单击添加范围"并注册您在应用程序中使用的所有范围,则在选择范围的过程中,将在旁边将显示锁定图标",这将被认为是敏感的.将鼠标悬停在锁定图标上会告诉您敏感范围需要验证".
If you click on 'Add scope' in the 'OAuth Consent Screen' configuration UI [1] and register all the scopes you are using in your application, in the process of selecting scopes, a 'lock icon' appears next to ones that will be considered sensitive. Hovering over the lock icon tells you that 'sensitive scopes require verification'.
请注意,为了注册您的作用域,您应该先启用打算使用的API [2].
Note that in order to register your scopes, you should have enabled the APIs you intend to use first [2].
在Google API数据使用政策[3]中始终建议您仅请求所需的数据.如果这意味着您可能需要访问某些敏感数据,建议对您的应用进行验证.通过应用验证,您的用户可以在使用应用时更加放心,因此这对您也有好处.
It is always recommended in the Google API Data Usage Policy [3] that you only request the data you need. If that means you may need access to certain sensitive data, it is recommended to get your app verified. App verification allows your users to have more confidence when using your app, so this is a benefit to you too.
[1] https://console.developers.google.com/apis/凭据/同意
[2] https://cloud.google.com/apis/docs/enable-disable-apis
[3] https://developers.google.com/terms/api-services-user-data-policy#request-relevant-permissions
这篇关于哪些Google OAuth2范围被视为“敏感"列表?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
