public sealed class OAuthRequirements : IMessage<OAuthRequirements>, IEquatable<OAuthRequirements>, IDeepCloneable<OAuthRequirements>, IBufferMessage, IMessage
OAuth scopes are a way to define data and permissions on data. For example,
there are scopes defined for "Read-only access to Google Calendar" and
"Access to Cloud Platform". Users can consent to a scope for an application,
giving it permission to access that data on their behalf.
OAuth scope specifications should be fairly coarse grained; a user will need
to see and understand the text description of what your scope means.
In most cases: use one or at most two OAuth scopes for an entire family of
products. If your product has multiple APIs, you should probably be sharing
the OAuth scope across all of those APIs.
When you need finer grained OAuth consent screens: talk with your product
management about how developers will use them in practice.
Please note that even though each of the canonical scopes is enough for a
request to be accepted and passed to the backend, a request can still fail
due to the backend requiring additional scopes or permissions.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-28 UTC."],[[["\u003cp\u003eOAuth scopes define data and permissions, allowing users to grant applications access to specific data.\u003c/p\u003e\n"],["\u003cp\u003eScope specifications should be coarse-grained to ensure users understand what they are consenting to.\u003c/p\u003e\n"],["\u003cp\u003eProducts with multiple APIs should share OAuth scopes across those APIs in most cases.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003eOAuthRequirements\u003c/code\u003e is a class that manages a list of publicly documented OAuth scopes, and tokens with these scopes are accepted.\u003c/p\u003e\n"],["\u003cp\u003eThe backend may require additional scopes or permissions for a request to be fully accepted, even if it contains one of the canonical scopes.\u003c/p\u003e\n"]]],[],null,["# Class OAuthRequirements (2.17.0)\n\nVersion latestkeyboard_arrow_down\n\n- [2.17.0 (latest)](/dotnet/docs/reference/Google.Api.CommonProtos/latest/Google.Api.OAuthRequirements)\n- [2.15.0](/dotnet/docs/reference/Google.Api.CommonProtos/2.15.0/Google.Api.OAuthRequirements)\n- [2.10.0](/dotnet/docs/reference/Google.Api.CommonProtos/2.10.0/Google.Api.OAuthRequirements)\n- [2.2.0](/dotnet/docs/reference/Google.Api.CommonProtos/2.2.0/Google.Api.OAuthRequirements) \n\n public sealed class OAuthRequirements : IMessage\u003cOAuthRequirements\u003e, IEquatable\u003cOAuthRequirements\u003e, IDeepCloneable\u003cOAuthRequirements\u003e, IBufferMessage, IMessage\n\nOAuth scopes are a way to define data and permissions on data. For example,\nthere are scopes defined for \"Read-only access to Google Calendar\" and\n\"Access to Cloud Platform\". Users can consent to a scope for an application,\ngiving it permission to access that data on their behalf.\n\nOAuth scope specifications should be fairly coarse grained; a user will need\nto see and understand the text description of what your scope means.\n\nIn most cases: use one or at most two OAuth scopes for an entire family of\nproducts. If your product has multiple APIs, you should probably be sharing\nthe OAuth scope across all of those APIs.\n\nWhen you need finer grained OAuth consent screens: talk with your product\nmanagement about how developers will use them in practice.\n\nPlease note that even though each of the canonical scopes is enough for a\nrequest to be accepted and passed to the backend, a request can still fail\ndue to the backend requiring additional scopes or permissions. \n\nInheritance\n-----------\n\n[object](https://learn.microsoft.com/dotnet/api/system.object) \\\u003e OAuthRequirements \n\nImplements\n----------\n\n[IMessage](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IMessage-1.html)[OAuthRequirements](/dotnet/docs/reference/Google.Api.CommonProtos/latest/Google.Api.OAuthRequirements), [IEquatable](https://learn.microsoft.com/dotnet/api/system.iequatable-1)[OAuthRequirements](/dotnet/docs/reference/Google.Api.CommonProtos/latest/Google.Api.OAuthRequirements), [IDeepCloneable](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IDeepCloneable-1.html)[OAuthRequirements](/dotnet/docs/reference/Google.Api.CommonProtos/latest/Google.Api.OAuthRequirements), [IBufferMessage](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IBufferMessage.html), [IMessage](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IMessage.html) \n\nInherited Members\n-----------------\n\n[object.Equals(object, object)](https://learn.microsoft.com/dotnet/api/system.object.equals#system-object-equals(system-object-system-object)) \n[object.GetType()](https://learn.microsoft.com/dotnet/api/system.object.gettype) \n[object.ReferenceEquals(object, object)](https://learn.microsoft.com/dotnet/api/system.object.referenceequals)\n\nNamespace\n---------\n\n[Google.Api](/dotnet/docs/reference/Google.Api.CommonProtos/latest/Google.Api)\n\nAssembly\n--------\n\nGoogle.Api.CommonProtos.dll\n\nConstructors\n------------\n\n### OAuthRequirements()\n\n public OAuthRequirements()\n\n### OAuthRequirements(OAuthRequirements)\n\n public OAuthRequirements(OAuthRequirements other)\n\nFields\n------\n\n### CanonicalScopesFieldNumber\n\n public const int CanonicalScopesFieldNumber = 1\n\nField number for the \"canonical_scopes\" field.\n\nProperties\n----------\n\n### CanonicalScopes\n\n public string CanonicalScopes { get; set; }\n\nThe list of publicly documented OAuth scopes that are allowed access. An\nOAuth token containing any of these scopes will be accepted.\n\nExample: \n\n canonical_scopes: https://www.googleapis.com/auth/calendar,\n https://www.googleapis.com/auth/calendar.read\n\n### Descriptor\n\n public static MessageDescriptor Descriptor { get; }\n\n### Parser\n\n public static MessageParser\u003cOAuthRequirements\u003e Parser { get; }\n\nMethods\n-------\n\n### CalculateSize()\n\n public int CalculateSize()\n\n### Clone()\n\n public OAuthRequirements Clone()\n\n### Equals(OAuthRequirements)\n\n public bool Equals(OAuthRequirements other)\n\n### Equals(object)\n\n public override bool Equals(object other)\n\n**Overrides** \n[object.Equals(object)](https://learn.microsoft.com/dotnet/api/system.object.equals#system-object-equals(system-object))\n\n### GetHashCode()\n\n public override int GetHashCode()\n\n**Overrides** \n[object.GetHashCode()](https://learn.microsoft.com/dotnet/api/system.object.gethashcode)\n\n### MergeFrom(OAuthRequirements)\n\n public void MergeFrom(OAuthRequirements other)\n\n### MergeFrom(CodedInputStream)\n\n public void MergeFrom(CodedInputStream input)\n\n### ToString()\n\n public override string ToString()\n\n**Overrides** \n[object.ToString()](https://learn.microsoft.com/dotnet/api/system.object.tostring)\n\n### WriteTo(CodedOutputStream)\n\n public void WriteTo(CodedOutputStream output)"]]