I'm using OAuth 2.0 Google API for google calendar service authentication. Each time when a users logs in the application, it prompts for Allow access even if the user has already allowed access on previous visits to the application.
How can I code it so that it remember the application and user for allowed access by users in past and so do not prompt for "Allow access" again for that same application.
I assume you are using Google PHP API. Setting client object to use auto for approval promt does the trick for me.
$client = new apiClient();
$client->setApprovalPrompt('auto');
When making the OAuth request make sure your "access_type" request:
"access_type" : "offline"
This means the user gives you offline access, and you can continue to make requests with their account.
Using offline also means you'll receive a "refresh_token". Once your access has expired, your application can automatically trade in the "refresh_token" for continued access, without the client having to "allow" again.
$client->revokeToken($accessToken);
If you are using this line somewhere then removing it might help.
Basically what I've figured out is that if the access token is revoked prior to it's expiration, google takes it as an act to reset the permissions as well.
I might be wrong, but I've have not come across a better conclusion yet.