Google sent me an email to do app verification to be able to continue using the gmail api. My app is basically a bunch of scripts running in spreadsheets that send an email notification when a change occurs.
Having to get a gsuite account and going through App verification to allow my scripts to survive seems very heavy process.
Does anyone know if all these spreadsheet scripts will now be stripped of their ability to send emails in the new year? or if they can continue as long as you are running them only under your own account?
I have not been able to see any documentation on this to confirm one way or another.
Seeing process described for verification here: Google app script verify scares me!
Related
I have a fairly simple dataset in a Google Sheet. I created an AutoSort script. I saved it, and when I click "Run," I get the following errors. One from a pop-up, and another from the Execution Log.
Pop-up error:
Authorization required
This project requires your permission to access your data.
*For this error, there is a button to "Review Permissions" and I log in using my google account and then just nothing happens.
Execution Log error:
Warning This project requires access to your Google Account to run. Please try again and allow it this time.
The Owner of this Google Sheet is my personal Gmail account, and I am making these edits and created the script using my business Gmail Admin account. I also tried to access this sheet and run the script USING my personal Gmail account, and received the same error:
Google hasn’t verified this app
The app is requesting access to sensitive info in your Google Account. Until the developer ({mypersonalemail}#gmail.com) verifies this app with Google, you shouldn't use it.
Any insight as to how I can authorize this would be appreciated. It sounds like something small I'm missing.
Also, in my personal email I receive a message with subject:
Review edits to your Apps Script project within your document
and it allows me links to access the worksheet and the script, but I don't see any way to approve the edits, or anything like that.
Expected behavior: What I am expecting is for the script to Run, when I click "Run."
It's not a good idea to mix accounts from different domains, specially when using a free account and a Google Workspace account like you have done because that is the cause of the situation that you are facing.
My hypothesis is that the Google Cloud default project linked to the bounded script is created with the account used to create the project.
If you need that you personal account be the spreadsheet owner the best is to create the script using the personal account, and when needed, create a Google Cloud Standard project (GCSP) using the the personal account. You might try to fix the problem with your spreadsheet and the current Apps Script project by creating a GCSP, as was mentioned previously, by using the account that is the owner of the spreadsheet and linking it to the Apps Script project.
Note: If your script is using sensitive scopes you might have to set the OAuth Consent Screen publishing status to tes and add your Google Workspace account as tester.
Ref: Setting up your OAuth consent screen
Once you have finished the setup of your Google Apps Script project you should be able to use your Google Workspace account to update and run the Apps Script code but any new deployment and new version should be done using your personal account.
If you have access to Shared Drives and are allowed to use them for your spreasheet, consider to move it to a Shared Drive as this will make a lot easier to manage your script.
I am creating a Google Chat bot using Apps Script.
It has to check every x minutes my team's mailbox for some upcoming messages. I used a Gmail service to achieve this functionality.
Is there any option to that the function that is responsible for checking could be run as that certain user (eg. myteamsmalibox#gmail.com)? As for now, I got all my code working but the function is running through my own mailbox.
I have used Apps Script successfully on many occasions, and one of the reasons I like it, especially for personal enhancements or projects related to Google Services is just how seamlessly it integrates auth. However, when trying to integrate the YouTube Data API into one of my Google Sheets' Apps Scripts (I am trying to use the sheet to manage a YouTube playlist), I encountered an error that I have never encountered before.
The code is very simple, I am just trying to get some data from a playlist to return to the logger in the context of my Google Sheets Apps Script. Note that this Apps Script belongs to the same account as the YouTube playlist. The OAuth Client Verification docs specifically state:
Note: Verification is not required for Apps Script projects whose
owner and users belong to the same Google Workspace domain or
customer.
However, when I run my script, the OAuth screen says the app is unverified (this has never happened when I have used any other APIs accessing my own account in Apps Script), and even though I authenticate and it says "Authentication Successful", the script is blocked and it repeatedly (as in forever, in an endless loop) asks me to authenticate again.
Completely at a loss for what is going on. 1.) I shouldn't have to verify this script per the docs I referenced above, and I have never had to before for accessing my own content. 2.) The successful authentication but then failing and repeatedly asking me to authenticate again is driving me mad.
Please advise!
Code is very simple, just trying to get this to return ANYTHING:
const syncVideos = () => {
let response = YouTube.PlaylistItems.list('snippet,contentDetails', {'playlistId': '<REDACTED>'});
Logger.log(response);
}
Answer: This turned out to not be a code or OAuth issue really, but more of an unintuitive procedure when authenticating, i.e. when authenticating with Google to access one of your channel's data through the YouTube Data API, authenticate with your main channel, even if requesting data from other channels connected to your account.
We build a service with google apps script (deployed as web app).
This service script uses a google api with UrlFetchApp and oAuthConfig. Our script and service is working without problems.
Problem:
If a new user wants to use our service, he starts the service url and the service opens. In this process he has to authorise everything the script function uses without the with urlfetch used api. So, if he starts the service again, he get the error message: "Authorization is required to perform that action".
The only way we found to authorise the urlfetch-api is that the user go into the scripteditor and start the function from the editor UI. If he do so, he can authorise this api. Afterwords he can start the service via url and everything is working well.
Do anybody know a better way to authorise the user without doing this in the editor?
There is an open issue since July 2011, issue 677 and a lot of people are waiting for that...
User can run script directly as url from browser and will get the standard authorisation dialogue at that point. You can make it a bit more user friendly by providing a link and a tailored response in html.
I have an app that consists of two parts
an installed application (more specifically: a browser add-on) that runs on the user's machine, and
a web app implemented as a stand-alone Google Apps Script app using HtmlService.
The two parts talk to each other and both access some Google APIs on behalf of the user via Oauth. To do this, I set up an API project in the Google API console. In the section "API Access", I created a client of type "Installed Application" for the browser add-on. For the Apps Script part, Google takes care of the authorization flow automatically.
My problem is that Google does not know that these two clients are part of the same project. Therefore, the user has to go through two authorization steps in a row when executing my app for the first time (first, the Oauth process for the browser add-on and then the automatically generated authorization process from Google Apps Script). This is very confusing to the user, especially, since the splitting between the browser add-on and the web app is rather an implementational detail about which the user shouldn't really have to bother.
Is there a way to unify the two authorization flows? I know that one can add several distinct clients to a single project in the Google API console. It seems to me like this feature is explicitly intended for scenarios similar to mine, where more than one application make up what is perceived as a single service by the user. Unfortunately, web apps that are implemented in Google Apps script don't seem to be compatible with the Google API console because of the way Apps Script generates the authorization flow automatically. Or am I missing an option in the API console or in the Apps Script editor?
For future reference: I found out that Google automatically creates an API project in the Google API console for each Google Apps Script project. This seems to be a fairly recent feature. One difficulty for me was that these API projects don't show up when one goes to the API console, clicks on the name of whatever project is currently opened in the upper left corner and chooses "open". Apparently, the only way to reach the auto-generated API project is as follows:
Go to drive.google.com and open the Google Apps Script project.
Chose "Resources --> Use Google APIs...".
In the popup, click the link to the Google API console.
In principle, this should allow to add additional clients to the project, as long as none of the other clients is also a Google Apps Script project. I haven't been able to test this since it still doesn't solve my specific problem: Sending e-mails from the user's Gmail account seems to be a feature unique to Google Apps Script and I couldn't find an Oauth2 scope for this operation. Therefore, I still cannot ask for all required permissions in a single authorization flow. But if anyone who's reading this has a similar problem with different Oauth2 scopes, the above instructions should fix it for you.
Anyway, I solved my problem in the meantime by no longer using Google Drive to upload files.