-
×InformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center.
-
×InformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center.
- HP Community
- Printers
- Scanning, Faxing, and Copying
- Who Me Too'd this topic

Create an account on the HP Community to personalize your profile and ask a question
11-04-2018 07:22 PM
I was setting up scan to Google drive on my new printer today and found some concerning security settings. Is there any reason why the eStorage app used to scan to Google drive is requesting Full Access?
This seems like an extreme overstep of permissions actually needed in order to scan to drive and opens a rather large security risk.
The relevant access scope being requested:
https://www.googleapis.com/auth/drive Full, permissive scope to access all of a user's files, excluding the Application Data folder. Request this scope only when it is strictly necessary.
As per Google authentication guidelines here: https://developers.google.com/drive/api/v3/about-auth an app developer should "choose the most restrictive scope possible, and avoid requesting scopes that your app does not actually need."
From my prespective, the eStorage app should only need the following permissions:
https://www.googleapis.com/auth/drive.file
Per-file access to files created or opened by the app. File authorization is granted on a per-user basis and is revoked when the user deauthorizes the app.
and maybe
https://www.googleapis.com/auth/drive.readonly Allows read-only access to file metadata and file content
Could someone shed some light on how HP can change the access scopes to improve the security posture for this service?
Thanks!