GSuite OAuth 2.0 Invalid Scopes Grafana

Question

So, I've followed the documentation found here. I then created an oauth 2.0 web application here. After I took the client ID and I used it in the Manage API Client Access for the GSuite Admin following the documentation here to add the scopes. However, when I go to my app and I hit the "Sign in with Google" I get a:

400 Invalid Scopes

{invalid=['https://www.googleapis.com/auth/userinfo.profile, https://www.googleapis.com/auth/userinfo.email']}

Both of the scopes above have been added to the Manage API Client Access screens.

Any steps I might be missing?

TechTeam12 TechTeam12 · Accepted Answer · 2020-03-11T18:49:12

TLDR; Github pipeline + docker build args with spaces are a no-go. Use secrets and envs.

Found the solution. The issue was that I was defining my scopes in the CI pipeline (github yml) and passing it to my docker file as a build arg which was being converted to an ENV. This didn't work well since there was a space in the string. I moved the two scopes to a github secret and exported it as an ENV which is then secure env'd in the docker file.

GSuite OAuth 2.0 Invalid Scopes Grafana

1 Answers