I am making an multi-tenant platform that integrates client's Google drive to:
I am using SCOPE: https://www.googleapis.com/auth/drive which works well. However, the SCOPE is quite pervasive and Grant Full, permissive scope to access all of a user's files.
I just wanted access to create a folder editor access to things within.I don't want access to anything that client previously had in their Drive.
Do you think any way to have a limited SCOPE API?
Thanks to @Tanaike! SCOPE: https://www.googleapis.com/auth/drive.file is what solved my problem.
In that case, how about using the scope of https://www.googleapis.com/auth/drive.file instead of https://www.googleapis.com/auth/drive? The official document of https://www.googleapis.com/auth/drive.file says Per-file access to files created or opened by the app. File authorization is granted on a per-user basis and is revoked when the user deauthorizes the app.. Is this the direction you expect? – Tanaike 58 mins ago