Google Workspace (G Suite) · OAuth Scopes

Google Workspace (G Suite) OAuth Scopes

OAuth 2.0 derived

Google Workspace (G Suite) publishes 5 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Google Workspace (G Suite) API on a user’s behalf.

Tokens are issued from https://oauth2.googleapis.com/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

CloudCollaborationEnterpriseGoogleProductivityWorkspace
Scopes: 5 Flows: authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://accounts.google.com/o/oauth2/v2/auth
Token URL
https://oauth2.googleapis.com/token
Flows
authorizationCode

Scopes (5)

ScopeDescriptionFlows
gmail.compose Create, read, update, and delete drafts; send messages and drafts authorizationCode
gmail.labels Manage mailbox labels authorizationCode
gmail.modify All read/write operations except immediate, permanent deletion authorizationCode
gmail.readonly Read all resources and metadata authorizationCode
gmail.send Send messages only authorizationCode

Source

OAuth Scopes

google-suite-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/google-suite-openapi.yml
schemes:
- name: OAuth2
  source: openapi/google-suite-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://accounts.google.com/o/oauth2/v2/auth
    tokenUrl: https://oauth2.googleapis.com/token
scopes:
- scope: gmail.compose
  description: Create, read, update, and delete drafts; send messages and drafts
  flows:
  - authorizationCode
  sources:
  - openapi/google-suite-openapi.yml
- scope: gmail.labels
  description: Manage mailbox labels
  flows:
  - authorizationCode
  sources:
  - openapi/google-suite-openapi.yml
- scope: gmail.modify
  description: All read/write operations except immediate, permanent deletion
  flows:
  - authorizationCode
  sources:
  - openapi/google-suite-openapi.yml
- scope: gmail.readonly
  description: Read all resources and metadata
  flows:
  - authorizationCode
  sources:
  - openapi/google-suite-openapi.yml
- scope: gmail.send
  description: Send messages only
  flows:
  - authorizationCode
  sources:
  - openapi/google-suite-openapi.yml