sign-in with only email describes signing will share profile picture and etc.

Open cdg720 opened this issue 5 years ago • 0 comments

Step 1: Are you in the right place?

I am not entirely sure if I can ask web questions here. I came from a GitHub link at the bottom of this page: https://developers.google.com/identity/sign-in/web/people.

If you know of a more appropriate channel, please let me know.

Step 2: Describe your environment

  • Device: Macbook Pro
  • OS version: 10.15.4
  • Browser: Chrome

Step 3: Describe the problem:

Scoping to only email doesn't change the sign-in page description. The sign-in by default uses profile and displays "To continue, Google will share your name, email address, language preference, and profile picture with X. Before using this app, you can review X's privacy policy and terms of service."

https://developers.google.com/identity/sign-in/web/people suggests that having fetch_basic_profile: false and scope: 'email' should use only email. But the display message is the same.

The scope seems right in the request URLs:

  • scope=email&openid.realm with fetch_basic_profile: false
  • scope=email%20profile%20openid&openid.realm with fetch_basic_profile: true

Steps to reproduce:

<!DOCTYPE html>
<html>
  <body>
    <script>
      function renderButton() {
          gapi.load('auth2', function() {
              // Declare auth2 locally instead of creating an implicit global.
              var auth2 = gapi.auth2.init({
                  client_id: 'WEB_CLIENT_ID.apps.googleusercontent.com',
                  scope: 'email',
                  fetch_basic_profile: false,
              });

              // Sign the user in, and then retrieve their ID.
              auth2.signIn().then(function() {
                  console.log(auth2.currentUser.get().getId());
              });
          });
      }
    </script>

    <script src="https://apis.google.com/js/platform.js?onload=renderButton" async defer></script>
  </body>
</html>

Set the WEB_CLIENT_ID above and run it locally in your browser; a Google sign-in page will then pop up.

Observed Results:

  • Try with different fetch_basic_profile settings and you will see the same sign-in message.

Expected Results:

  • When fetch_basic_profile is false, I'd expect to see "To continue, Google will share email with X."

cdg720 Apr 29 '20 23:04
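An added example, not part of the original issue or of Google's code: since the consent text may not reflect the scope, this checks the scope actually carried in the authorization request (or in a granted-scope string) against the intended least-privilege set. The function names and the allowed set `['email', 'openid']` are assumptions made for illustration; the two query fragments are the ones quoted in the issue.

```javascript
// Added example: compare requested or granted OAuth scopes with the intended set.
// Long-form Google scope URIs mapped to their short OpenID Connect names.
const SCOPE_ALIASES = {
  'https://www.googleapis.com/auth/userinfo.email': 'email',
  'https://www.googleapis.com/auth/userinfo.profile': 'profile',
};

// Turn a space-delimited scope string into a sorted, de-duplicated list.
function normalizeScopes(scopeString) {
  const names = (scopeString || '')
    .split(/\s+/)
    .filter(Boolean)
    .map((s) => SCOPE_ALIASES[s] || s);
  return [...new Set(names)].sort();
}

// Extract the scope parameter from an authorization request URL or bare query string.
function scopesFromRequest(urlOrQuery) {
  const q = urlOrQuery.includes('?')
    ? urlOrQuery.slice(urlOrQuery.indexOf('?') + 1)
    : urlOrQuery;
  // URLSearchParams decodes %20 and '+' to spaces and tolerates value-less keys
  // such as the trailing "openid.realm" in the fragments quoted in the issue.
  return normalizeScopes(new URLSearchParams(q).get('scope'));
}

// Report scopes that are present but outside the allowed (least-privilege) set.
function excessScopes(actual, allowed) {
  const ok = new Set(normalizeScopes(allowed.join(' ')));
  return actual.filter((s) => !ok.has(s));
}

// The two query fragments quoted in the issue, checked against an assumed allowlist.
const ALLOWED = ['email', 'openid']; // assumption: what an email-only sign-in should need
const emailOnly = scopesFromRequest('scope=email&openid.realm');
const withProfile = scopesFromRequest('scope=email%20profile%20openid&openid.realm');
console.log(emailOnly, 'excess:', excessScopes(emailOnly, ALLOWED));
console.log(withProfile, 'excess:', excessScopes(withProfile, ALLOWED));
```

The same check can be run after sign-in by passing the string returned by `auth2.currentUser.get().getGrantedScopes()` to `normalizeScopes`.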