We are building a tool that requires access to sensitive scopes (for the Google Ads API), although we also want to offer users to be able to sign in / up with Google.

Do we need to create a separate OAuth consent screen if we also want to offer "sign in / up with Google" as part of our sign in / registration process? 

 

My understanding is that we need access to non-sensitive scopes for the sign in / up method, although we need access to sensitive scopes for the Google Ads API so I want to know if it is best practice to have a separate app / consent screen for each scope (one for the login and one for access to the Google Ads API) - or can you just combine the two and specify the relevant scopes at different stages?

We wouldn't want users to have to give consent to access the Google Ads API when they sign in / up as that's not required at that stage. I hope that all makes sense, thanks in advance.