This article pertains to customers who connect to Chili Piper via Google OAuth Registered Application. The Google Admin will be prompted to accept the permission scope when initializing the connection.
Please see the permissions and permission description below:
- See and download your contacts
- Why is this required? We ask for access to the contacts API, read-only, to make it faster to input guests when creating an event.
- See, edit, share, and permanently delete all the calendars you can access using Google Calendar.
- Why is this required? This pertains to the users you add to the account. This scope allows Chili Piper to schedule, reschedule, and cancel meetings. It also allows users to schedule meetings with themselves and others in your organization.
- See and download your organization's GSuite directory
- Why is this required? This allows Chili Piper to download your organization's directory (https://contacts.google.com/directory). Your organization's GSuite directory data may include mailing addresses, email addresses, names, calendar URLs, organizations, phone numbers, photos, and other relevant data possibly used in the booking process.
OAuth 2.0 scope
Below is the OAuth 2.0 scope information for the Google Calendar API:
- We use the first scope for read/write access to Calendars - https://www.googleapis.com/auth/calendar
- We also use the fourth scope for read-only access to Events - https://www.googleapis.com/auth/calendar.events.readonly
Third-Party App Access
If you have strict app access permissions within GSuite, you may need to adjust what apps are trusted to connect. Otherwise, you will see an error like this:
Error 400: admin_policy_enforced
To resolve this issue have your GSuite admin add Chili Piper app to the Trusted list within the GSuite Admin Console. "Security API controls" -> "Manage third-party app access".