Stay organized with collections
Save and categorize content based on your preferences.
This document contains Google Sheets API-specific authorization and
authentication information. Before reading this document, be sure to read the
Google Workspace's general authentication and authorization information at
Learn about authentication and authorization.
Note that Sheets API scopes are applied to a
spreadsheet file and cannot
be limited to a specific sheet.
To prevent modification of a sheet, use a
ProtectedRange
to define a cell or range of cells that cannot be edited. For an example, see
Named and protected ranges.
To define the level of access granted to your app, you need to identify and
declare authorization scopes. An authorization scope is an OAuth 2.0 URI string
that contains the Google Workspace app name, what kind of data it accesses, and
the level of access. Scopes are your app's requests to work with Google Workspace data, including
users' Google Account data.
When your app is installed, a user is asked to validate the scopes used
by the app. Generally, you should choose the most narrowly focused scope
possible and avoid requesting scopes that your app doesn't require. Users more
readily grant access to limited, clearly described scopes.
When possible, we recommend using non-sensitive scopes as it grants per-file
access scope and narrows access to specific features needed by an app.
The Sheets API supports the following scopes:
Scope code
Description
Usage
https://www.googleapis.com/auth/spreadsheets
See, edit, create, and delete all your Google Sheets spreadsheets.
See, edit, create, and delete only the specific Google Drive files you
use with this app.
Recommended Non-sensitive
https://www.googleapis.com/auth/drive
See, edit, create, and delete all of your Google Drive files.
Restricted
https://www.googleapis.com/auth/drive.readonly
See and download all your Google Drive files.
Restricted
The Usage column in the table indicates the sensitivity of each scope, according
to the following definitions:
Non-sensitive: These scopes provide the smallest scope of authorization
access and only requires basic app verification. For information on this
requirement, see Submitting your app for
verification.
Sensitive: These scopes provide access to specific Google User Data
that's authorized by the user for your app. It requires you to go through
additional app verification. For information on this requirement, see
Sensitive and Restricted Scope
Requirements.
Restricted: These scopes provide wide access to Google User Data and
require you to go through a restricted scope verification process. For
information on this requirement, see Google API Services User Data
Policy and Additional Requirements
for Specific API
Scopes.
If you store restricted scope data on servers (or transmit), then you must
go through a security assessment.
If your app requires access to any other Google APIs, you can add those scopes
as well. For more information about Google API scopes, see Using OAuth 2.0 to
Access Google APIs.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-04 UTC."],[],[],null,["This document contains Google Sheets API-specific authorization and\nauthentication information. Before reading this document, be sure to read the\nGoogle Workspace's general authentication and authorization information at\n[Learn about authentication and authorization](/workspace/guides/auth-overview).\n\nNote that Sheets API scopes are applied to a\n[spreadsheet](/workspace/sheets/api/guides/concepts#spreadsheet) file and cannot\nbe limited to a specific [sheet](/workspace/sheets/api/guides/concepts#sheet).\nTo prevent modification of a sheet, use a\n[`ProtectedRange`](/workspace/sheets/api/reference/rest/v4/spreadsheets/sheets#protectedrange)\nto define a cell or range of cells that cannot be edited. For an example, see\n[Named and protected ranges](/workspace/sheets/api/samples/ranges).\n\nConfigure OAuth 2.0 for authorization\n\n[Configure the OAuth consent screen and choose scopes](/workspace/guides/configure-oauth-consent)\nto define what information is displayed to users and app reviewers, and register\nyour app so that you can publish it later.\n\nSheets API scopes\n\nTo define the level of access granted to your app, you need to identify and\ndeclare *authorization scopes*. An authorization scope is an OAuth 2.0 URI string\nthat contains the Google Workspace app name, what kind of data it accesses, and\nthe level of access. Scopes are your app's requests to work with Google Workspace data, including\nusers' Google Account data.\n\n\nWhen your app is installed, a user is asked to validate the scopes used\nby the app. Generally, you should choose the most narrowly focused scope\npossible and avoid requesting scopes that your app doesn't require. Users more\nreadily grant access to limited, clearly described scopes.\n\nWhen possible, we recommend using non-sensitive scopes as it grants per-file\naccess scope and narrows access to specific features needed by an app.\n| If your public application uses scopes that permit access to certain user data, it must complete a verification process. If you see **unverified\n| app** on the screen when testing your application, you must submit a verification request to remove it. Find out more about [unverified apps](https://support.google.com/cloud/answer/7454865) and get answers to [frequently asked questions about app verification](https://support.google.com/cloud/answer/9110914) in the Help Center.\n\nThe Sheets API supports the following scopes:\n\n| Scope code | Description | Usage |\n|---------------------------------------------------------|-------------------------------------------------------------------------------------------|---------------------------|\n| `https://www.googleapis.com/auth/spreadsheets` | See, edit, create, and delete all your Google Sheets spreadsheets. | Sensitive |\n| `https://www.googleapis.com/auth/spreadsheets.readonly` | See all your Google Sheets spreadsheets. | Sensitive |\n| `https://www.googleapis.com/auth/drive.file` | See, edit, create, and delete only the specific Google Drive files you use with this app. | Recommended Non-sensitive |\n| `https://www.googleapis.com/auth/drive` | See, edit, create, and delete all of your Google Drive files. | Restricted |\n| `https://www.googleapis.com/auth/drive.readonly` | See and download all your Google Drive files. | Restricted |\n\nThe Usage column in the table indicates the sensitivity of each scope, according\nto the following definitions:\n\n- **Non-sensitive** : These scopes provide the smallest scope of authorization\n access and only requires basic app verification. For information on this\n requirement, see [Submitting your app for\n verification](https://support.google.com/cloud/answer/13461325).\n\n- **Sensitive** : These scopes provide access to specific Google User Data\n that's authorized by the user for your app. It requires you to go through\n additional app verification. For information on this requirement, see\n [Sensitive and Restricted Scope\n Requirements](https://support.google.com/cloud/answer/13464321#ss-rs-requirements).\n\n- **Restricted** : These scopes provide wide access to Google User Data and\n require you to go through a restricted scope verification process. For\n information on this requirement, see [Google API Services User Data\n Policy](/terms/api-services-user-data-policy) and [Additional Requirements\n for Specific API\n Scopes](/terms/api-services-user-data-policy#additional_requirements_for_specific_api_scopes).\n If you store restricted scope data on servers (or transmit), then you must\n go through a security assessment.\n\nIf your app requires access to any other Google APIs, you can add those scopes\nas well. For more information about Google API scopes, see [Using OAuth 2.0 to\nAccess Google APIs](/identity/protocols/oauth2).\n\nFor more information about specific OAuth 2.0 scopes, see [OAuth 2.0 Scopes for\nGoogle APIs](/identity/protocols/oauth2/scopes).\n\nRelated topics\n\n- [Choose Google Drive API scopes](/workspace/drive/api/guides/api-specific-auth)\n- [OAuth App Verification Help Center](https://support.google.com/cloud/answer/13463073)\n- [OAuth App Verification FAQs](https://support.google.com/cloud/answer/13463817)"]]
