We need to remove an unnecessary scope from our Google Oauth2 client app.
Meanwhile, we have users who authorized our app with the previous scopes and we were granted their access and refresh tokens.
If we make the change and remove the scope, will existing tokens be invalid when we try to use them?
To be specific,
We are requesting google.calendar and google.calendar.readonly scopes. But we don't need google.calendar scope and willing to remove it. After the removal, what will happen to existing access and refresh tokens which were granted at the time that we were requesting both scopes?