Your app can request additional scopes any time after the initial scopes have been granted. In this case, only those additional scopes will appear in the user's consent screen. Your app should request all previously granted scopes with these additional scopes to ensure your app proceeds with all the access it expects.
Before you begin
You must complete the basic Google Sign-In integration.
Checking which scopes have been granted
To check which scopes have already been granted to your app, use the
grantedScopes
property of GIDGoogleUser
:
NSString *driveScope = @“https://www.googleapis.com/auth/drive.readonly”;
GIDGoogleUser *user = [GIDSignIn sharedInstance].currentUser;
// Check if the user has granted the Drive scope
if (![user.grantedScopes containsObject:driveScope]) {
// request additional drive scope
}
Based on whether or not a certain scope has been granted by the user, you might need to make a request for an additional scope in order to support a particular interaction.
Requesting additional scopes
To request additional scopes, append the new scopes to the scopes
property of
the GIDSignIn
shared instance, then call the signIn
method to request
consent. For example, to request read-only access to a user's Drive:
NSArray *currentScopes = [GIDSignIn sharedInstance].scopes;
[GIDSignIn sharedInstance].scopes = [currentScopes arrayByAddingObject:driveScope];
// Set loginHint to skip the account chooser.
[GIDSignIn sharedInstance].loginHint = user.profile.email;
[[GIDSignIn sharedInstance] signIn];
You might use this technique if you suspect users are avoiding sign-in because your consent screen is overwhelming new users, or if you think users are confused why they are being asked for certain permissions. In either case, you can delay the additional scopes and present them just before they are needed.