To ensure that the access token covers all the scopes the user has previously granted, you need to set the include_granted_scopes parameter to true when generating the authorization URL using the method generateAuthUrl().

According to Google doc: “Enables applications to use incremental authorization to request access to additional scopes in context. If you set this parameter's value to true and the authorization request is granted, then the new access token will also cover any scopes to which the user previously granted the application access.”

Source:”https://cloud.google.com/nodejs/docs/reference/google-auth-library/latest/google-auth-library/generateauthurlopts”