Bug: raw calendar.events.list fails with insufficient scopes; +agenda helper succeeds with the same account
gws version: 0.22.5 (reproduced on both the plugin-bundled binary and the @googleworkspace/cli npm package, same version)
OS: macOS (darwin-arm64)
Auth method: oauth2, interactive browser login (not token_env_var)
Repro
gws calendar events list --params '{"calendarId":"primary","timeMin":"2026-07-03T00:00:00Z","timeMax":"2026-07-04T23:59:59Z","singleEvents":true,"maxResults":1}'
Fails every time with:
error[api]: Request had insufficient authentication scopes.
This happens even immediately after a fresh interactive OAuth consent grant that explicitly includes https://www.googleapis.com/auth/calendar, confirmed via gws auth status (token_valid: true, has_refresh_token: true, scope list includes calendar).
What works, same account, same underlying operation
gws calendar +agenda --today — succeeds, returns real events (including from the primary/self calendar).
- Google Calendar API
events.list called through a separate OAuth client (a different tool wired to the same Google account) — succeeds with equivalent params.
Ruled out
- Not the
calendarId alias — fails identically with "primary" and with the literal calendar ID (user@domain.com).
- Not the date range — fails identically for a 2024 range and a current-date range.
- Not a stale/cached token — fails immediately after a fresh interactive consent grant (each invocation re-triggers the consent screen and still fails afterward).
- Not a version mismatch — confirmed identical version (0.22.5) across two independently installed copies of the binary.
Impact
Any raw <service> <resource> <method> call to calendar.events.list is unusable; only the +agenda helper works, and it only supports relative/forward date windows (--today, --tomorrow, --days N), not arbitrary historical ranges. This blocks any integration that needs calendar events for a specific past date range (e.g. weekly backfills).
Possibly related
Neither is an exact match: both describe general/all-API breakage, while this report isolates the failure to the raw events.list method path specifically, with the +agenda helper and a separate OAuth client succeeding on the identical account and data.
Bug: raw
calendar.events.listfails with insufficient scopes;+agendahelper succeeds with the same accountgws version: 0.22.5 (reproduced on both the plugin-bundled binary and the
@googleworkspace/clinpm package, same version)OS: macOS (darwin-arm64)
Auth method: oauth2, interactive browser login (not
token_env_var)Repro
gws calendar events list --params '{"calendarId":"primary","timeMin":"2026-07-03T00:00:00Z","timeMax":"2026-07-04T23:59:59Z","singleEvents":true,"maxResults":1}'Fails every time with:
This happens even immediately after a fresh interactive OAuth consent grant that explicitly includes
https://www.googleapis.com/auth/calendar, confirmed viagws auth status(token_valid: true,has_refresh_token: true, scope list includescalendar).What works, same account, same underlying operation
gws calendar +agenda --today— succeeds, returns real events (including from theprimary/self calendar).events.listcalled through a separate OAuth client (a different tool wired to the same Google account) — succeeds with equivalent params.Ruled out
calendarIdalias — fails identically with"primary"and with the literal calendar ID (user@domain.com).Impact
Any raw
<service> <resource> <method>call tocalendar.events.listis unusable; only the+agendahelper works, and it only supports relative/forward date windows (--today,--tomorrow,--days N), not arbitrary historical ranges. This blocks any integration that needs calendar events for a specific past date range (e.g. weekly backfills).Possibly related
Neither is an exact match: both describe general/all-API breakage, while this report isolates the failure to the raw
events.listmethod path specifically, with the+agendahelper and a separate OAuth client succeeding on the identical account and data.