Google Drive oauth scope for limiting Shared with Me


I wanted to share some files with someone that uses neither rclone nor gdrive. Rather than depend on the mercy of google's website I sent them a portable rclonebrowser+rclone with a custom remote I created using the folder ID and read-only scope. To my surprise, they checked the box for "Shared" and suddenly files shared with me were visible.

My question is, for my use case is there any way to limit this via the underlying oauth request from Google? Or am I stuck creating a user with nothing "shared with them"?

I completely realize the proper way of doing this is to share via google. I've looked through advanced and nothing appeared to apply to this, and of course searched the forum and get many false positives of people trying to get shared-with-me working. And here I am with the opposite problem :slight_smile:

What is the problem you are having with rclone?

Seeing shared with me when remote is authorized for a specific folder ID.

What is your rclone version (output from rclone version)


Which OS you are using and how many bits (eg Windows 7, 64 bit)

Win10 64

Which cloud storage system are you using? (eg Google Drive)

Google Drive

The command you were trying to run (eg rclone copy /tmp remote:tmp)

To test I run:

rclone limitedremote: --drive-shared-with-me

The rclone config contents with secrets removed.

type = drive
scope = drive.readonly
root_folder_id = removed
token = removed

Edit: apparently "removed" with square brackets is special even within backticks. oops.

As far as scopes are concerned I think you are out of luck - see the scope docs - there is nothing about sharing in there.

Note that it is trivial to break out of the folder ID also so this won't keep technical users out of the rest of your files.

If you want to solve this in a googly way then you can share file, folders or maybe create a shared drive and share that.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.