Google oAuth2: Bypassing scopes consent screen for non-admin users

[Subbu Athikunte]

Google apps marketplace #5 best practice says users shouldn't see the consent screen after an admin installs the app. I have been trying get this working on a Rails app using devise and omniauth-google-oauth2 for authentication. I have setup the app in test domain using an admin account. But non-admin users always see the consent screen. Any idea how to avoid it? https://github.com/zquestz/omniauth-google-oauth2 has some help; but setting any of the options specified there didn't help. 

My config looks like below:

config.omniauth :google_oauth2, "code", "code", { access_type: "online", approval_prompt: "none", include_granted_scopes: "true", prompt: "select_account" }

Specifying scopes like "email,profile,calendar,https://www.google.com/m8/feeds/" gives the following error:

    Error: invalid_scope
    
    Some requested scopes were invalid. {valid=[https://www.googleapis.com/auth/calendar, https://www.google.com/m8/feeds/], invalid=[https://www.googleapis.com/auth/profile, https://www.googleapis.com/auth/email], noncanonical=[https://www.google.com/m8/feeds/(https://www.googleapis.com/auth/contacts)]}