Same OAuth app for Chrome Extension and Workspace Add-on - google-apps-script

I have an already published extension on Google Chrome Store and I already have an Oauth application running for it and I am currently paying for its assessment. I want to know if I can use the same Oauth app for the add-on as I have for the extension? Any help will be appreciated.

What you want to achieve is not possible as each application has its own permissions that need to be approved by the users.
Even if the extension has already been approved by a user, this doesn't mean that you can make the same user approve the add-on as well. Therefore, the authentication needs to be done separately for the two and the user has to approve consent the use for both of them.
Depending on the APIs you are using and what scopes you have set, you can take a look at the OAuth FAQ article here.
As for the add-on, it is important to test it before publishing it. Be mindful of the fact that the add-on will have to undergo app review before being published to the Marketplace.
Reference
Unverified apps;
OAuth API verification FAQs;
Publish an app;
App review.

Related

Add-on not visible in the User account

I have created the one add-on.
I have used this link to test and deploy the add-on.
https://developers.google.com/apps-script/concepts/deployments
I have added 3 person's Gmail IDs as test users in the configuration of the google cloud project. Then I come to my spreadsheet and I am able to see the add-on there. But in the other person, I am not able to see the add-on.
I am not getting where I had done a mistake.
Can anyone guide me on this?
Like how to deploy the add-on in the local server, which can be accessible to the user and the user can't access the code. They can only test the add-on.
Google Workspace Add On
I would like to clarify your question with some insights.
Deploying an add-on to a local server is a feature that is not available over App Script.
In order for a user to manage and test an add-on, it would need to have "Editor" Access, this would basically give him access to the code, so it would not be possible to avoid the user to access that data.
As suggested by the official documentation, on how to share and test with developers, you added 3 users for testing under the OAuth consent screen is used for the scopes that would be used over the add-on and the project information.
An alternative would be if you have a Google Workspace account and the test user are part of the domain, to start the process to publish the application as private over the consent screen and that way is downloadable or active for certain members of your domain by following the steps on how to publish:
https://developers.google.com/workspace/marketplace/how-to-publish
You can manage what application users access the marketplace over the Admin console or by publishing as "Unlisted" and sharing the direct URL of the app's store page.
I also recently discussed a similar scenario over this thread if you would like to review more about the Add-On.
References:
https://developers.google.com/apps-script/add-ons/how-tos/testing-workspace-addons
https://support.google.com/cloud/answer/10311615
https://developers.google.com/workspace/marketplace/enable-configure-sdk

Unable publish Google App Script to the G Suite Marketplace for domain administrators to find

My Google App Script (an add-on for Google Docs) has passed the OAuth verification and has also been verified by the Google team. The application is both "Published" and "GAM: Published", yet Domain Admins are unable to locate the add-on when searching for it, and therefore cannot install it to their domain users.
I have read the following two articles many times:
https://developers.google.com/gsuite/add-ons/how-tos/publish-addons
https://developers.google.com/gsuite/add-ons/how-tos/publish-for-domains
I've been liaising with the docs-addon-advisor, who has approved the add-on again and again, but nothing seems to impact the Marketplace Apps search results. It is however availble in the Web Store search results. They have directed me back to this forum for advice.
I've followed the articles above and see no error messages in the publication, yet still the add-on remains invisible to the Domain Admin world.
You can see that DocuSign is happily installed in my domain, I can search for it, and it has been pushed down onto my domain users. So what I'm trying to achieve is possible. My add-on is simply absent from this marketplace search for some reason.
Any ideas?
Your add-on is published at https://gsuite.google.com/marketplace/app/seal_atn/820114923602. It does not have "Enable individual install" checked so it's installable and searchable only by domain admins.

Publish Apps Scripts Web App on the Google Apps Market Place

I have a Google Apps Scripts web app and I would like to publish it on the Google Apps Market Place. I followed this instruction (https://developers.google.com/apps-script/guides/domain-wide-web-app) to properly setup the Apps Market Place SDK but I have some troubles.
To test installation flow I use the button in the setup page of the API, so :
My issue is if a user install the app as I allow personal install
The user validate rights and after he is redirected to the application. There I have an issue because the apps script web app request a "Offline access" in a new pop up.
=> I don't know how to add this scope because I don't find any scope for this need to add in the market place SDK setup.
What I found on stackoverflow is I probably have this message because on scope request by apps script web app there is the approval_prompt parameter set to force.
My question is how to avoid that and allow user to connect to app after validating scope on the apps market place ?
Thank you,
Stéphane
You can follow the List of Best Practices
Before you publish your Google App Marketplace application, please review the following list of best practices. Adhering to these best practices will help your application make it through the Google Apps Marketplace review process smoothly without you needing to make additional changes.
This document explain:
3: Define your scopes properly
All OAuth2.0 scopes must be defined in the Google Developer's Console, in the Scopes section of the Google Apps Marketplace SDK. This is essential in order to achieve one-click or zero-click SSO, as described in the following section.
According to this previous question, in the Admin Conso

Are there any way to register in-house application in google apps marketplace with FQDN?

I belongs IT Section which provides and distributes Google Apps and its related service in our company.
Our section has disabled Drive SDK in Google Apps admin Console because of our company policy.
However, many developers requested Drive api in our company.
So, we started registering developer's drive application in google apps marketplace to allow it.
After our registration, developers could use drive api.
However, recently our registration process has stuck in uploading on Chrome Web Store.
(*Please take a look at See step 8.)
Strictly speaking, chrome web store publishing status become rejected.
Moreover, we received app removal notification from chromewebstore-dev-support#google.com, like "Chrome Web Store: Removal notification for app name."
But we have no idea why this app has been rejected.
Here is our step we used to do.
In google developers console, I accessed api manager, and make drive api enabled.
Access drive SDK settings to register app icon and open URL, and save it.
*About open URL, we assume intranet FQDN is forbidden, so we set http://www.google.com as open URL.
In OAuth Concent, type service name and save it.
From api manager, enable Google Apps Marketplace SDK.
We set application name, description, register icon, support URL and drive api scope(https://www.googleapis.com/auth/drive) and save it.
Also prepare zip file for Chrome Web Store that includes manifest json and app icon.
*In manifest json, we wrote app name, description, web app URL(we set google sites) and write as domain-installable.
Upload zip file to chrome web store, icon, screeen shot, promotional tile images, set web site(we set google sites.), category and languages.
In the end, set Visibility option as private and everyone at mydomain.
After published both chrome web store and google apps marketplace, access to marketplace to find published app in our domain.
allow access of drive app in marketplace.
*Above processes were executed on September in 2015,
I believe developer console UI has been dramatically changed for now, so these steps might not match current steps.
### Questions ###
Considering above results, I would like to confirm things below.
I would like to confirm our steps above is correct or not for registering drive application in Google App Marketplace.
By referring Both Apps Marketplace Guides and Apps Marketplace Frequently Asked Questions, I could not find detail for specific steps.
I are wondering whether we must obtain or prepare domain for web application and it must be open on the web or not.
Are there any way to register in-house application in google apps marketplace without publishing on the web(wondering can use FQDN or not).
Is it possible to create Google Apps Marketplace App using service account or client application with Drive API?
Thank you in advance.
1. I would like to confirm our steps above is correct or not for registering drive application in Google App Marketplace. By referring Both Apps Marketplace Guides and Apps Marketplace Frequently Asked Questions, I could not find detail for specific steps.
You seem to have done the steps right. But just to be safe, you can check out Publish your App page on the apps marketplace documentation.
Steps to Publish the app
Go to the Chrome Web Store developer dashboard
Upload the zip file
Add a detailed description of your app for the Marketplace listing
Add your screenshot(s) and promotional tiles for the Marketplace isting
Add the URLs for your app's websites
Set the category, region, language(s), and other configuration details
Note: To publish a private, domain-only app, skip the next step and see the instructions below.
To publish a Marketplace app that is only visible within your own domain, do not use the listing review request form. Instead, on the developer dashboard, locate the "Visibility options" section and select "Private / Everyone at yourdomainname.com" before you publish
2. I are wondering whether we must obtain or prepare domain for web application and it must be open on the web or not.
I'm not sure what you mean by this question, but once the domain has been set and app published, the application will appear in the "For [your domain]" section in the Google Apps Marketplace available on admin.google.com
3. Are there any way to register in-house application in google apps marketplace without publishing on the web(wondering can use FQDN or not).
If you mean private company-wide application, I think Google Apps for Work can do this feature (this will incur additional charge to you though)
4. Is it possible to create Google Apps Marketplace App using service account or client application with Drive API?
Yes, Drive API also uses Domain-wide delegation of Authority in which the domain admin can grant 3rd party apps access to user data.

Is it possible to restrict access to Chrome extension using free Google Apps subscription?

I'm using free Google Apps subscription and I've published self-made extension in Chrome Store. Also, I need to restrict access to that extension to only my domain users.
I tried to follow Google manual, but I couldn't get access to 'Device management > Chrome management' (got an unexpected redirect from 'Device management' page to Apps list while clicking on 'Chrome management' link) and there was no option 'everyone at mydomain.com' into extension 'Visibility section' — only 'trusted testers'.
So, maybe it's because of my free subscription or it's Google Apps issue or I do something wrong?
No, That feature (and process) is only available for Google Apps for work and Education accounts.
However, you can try to restrict access to your chrome extension (using your free account) before publishing it to public by publishing it to test accounts.
Publishing to test accounts
When you publish to test accounts, your app’s store listing only appears to you and any users who are logged into these test accounts that you specify. Your app won’t appear in search results, so you’ll need to give testers a direct link to your app’s listing. Testing also gives you a chance to see how the license server integrateswith your app if you plan to charge your it using Chrome Web Store Payments.
To edit your list of accounts, click Edit your tester accounts. You can enter single accounts, or create a Google Group so that this set of users can test your app. See the section below to learn how to set up Group Publishing.
Once you’re ready to publish, click Publish to test accounts.
You’ll need to unpublish the app if you want to publish to the world later.