The scopes an application requests determine the permissions that the user is requested to grant when they authenticate. Certain API calls can only be made if related scopes have been requested. The following are the available OAuth 2.0 scopes that provide access to the Google+ Domains APIs. Add the scopes your application needs to the space-delimited scope list supplied during the OAuth 2.0 flow for your application.
- Grants the app permission to use the special value
meto represent the authenticated user. Does not apply to apps that use domain-wide delegation of authority.
- Grants the app permission to read the names of the user's circles, and the people and pages that are members of each circle.
- Grants permission for the app to create circles, delete circles, add people and pages to the user's circles, and remove people and pages from the user's circles. The Google+ Domains API only permits adding and removing people in the same Google Apps domain as the user.
- Grants permission for the app to read Google+ posts and comments by the user, or that are visible to the user. The Google+ Domains API only permits reading posts by people in the same G Suite domain as the user, and comments on those posts. Comments made by people outside of the Google Apps domain of the user are accessible using the Google+ Domains API if they were made on posts authored by people in the domain.
- Grants permission for the app to create posts or comments on behalf of a user. The Google+ Domains API only allows creation of restricted posts, and only allows comments to be added to restricted posts.
- Grants permission for the app to upload photos and videos on behalf of the user.
To request access using OAuth 2.0, your application needs the scope information, as well as information that Google supplies during application registration, such as the client ID and/or the client secret.