I have created a Google Script that contains a main function I wish to call. Upon reading up on the documentation on this, I learn that, like any other API, an authorization token is required. I find and install Google's OAuth2 library directly into the Google Apps Script environment, and upon reading the documentation there, I am left asking: will the client need to login with their Google account to get an OAuth2 token, just to use my API? If not, how do I do such? (The API documentation doesn't quite explain how to accomplish this.)
I am ultimately trying to create a "Contact Us" form, in Angular, that hits this API.
Related
I have used Apps Script successfully on many occasions, and one of the reasons I like it, especially for personal enhancements or projects related to Google Services is just how seamlessly it integrates auth. However, when trying to integrate the YouTube Data API into one of my Google Sheets' Apps Scripts (I am trying to use the sheet to manage a YouTube playlist), I encountered an error that I have never encountered before.
The code is very simple, I am just trying to get some data from a playlist to return to the logger in the context of my Google Sheets Apps Script. Note that this Apps Script belongs to the same account as the YouTube playlist. The OAuth Client Verification docs specifically state:
Note: Verification is not required for Apps Script projects whose
owner and users belong to the same Google Workspace domain or
customer.
However, when I run my script, the OAuth screen says the app is unverified (this has never happened when I have used any other APIs accessing my own account in Apps Script), and even though I authenticate and it says "Authentication Successful", the script is blocked and it repeatedly (as in forever, in an endless loop) asks me to authenticate again.
Completely at a loss for what is going on. 1.) I shouldn't have to verify this script per the docs I referenced above, and I have never had to before for accessing my own content. 2.) The successful authentication but then failing and repeatedly asking me to authenticate again is driving me mad.
Please advise!
Code is very simple, just trying to get this to return ANYTHING:
const syncVideos = () => {
let response = YouTube.PlaylistItems.list('snippet,contentDetails', {'playlistId': '<REDACTED>'});
Logger.log(response);
}
Answer: This turned out to not be a code or OAuth issue really, but more of an unintuitive procedure when authenticating, i.e. when authenticating with Google to access one of your channel's data through the YouTube Data API, authenticate with your main channel, even if requesting data from other channels connected to your account.
Question:
Can I add the authorization part of my google sheets add-on into my add-on's code or does it need to be a separate thing? What would that code look like? If adding the authorization process into the google app script isn't an option, what would be the next best option and what would that look like?
Premise:
I'm very new to coding or working with an API, google app script, and google cloud platform. I have looked over Google's documentation a dozen times and I'm still unsure how to actually implement the authorization process. Using the HTTP/REST option looks like the best option but I'm really not sure. I've gotten the clientID, secret, URI, etc... that would be required but I don't know where I put that information. Does the code need to be on my website? If so, what would that look like or where can I go to learn more about it?
Thank you in advance!
Approach
When using Apps Script you won't need to insert your credentials anywhere. The Auth flow is managed by the Apps Script environment. Every time you will need extra permissions to run your script, the environment will prompt for your authorization. This will generally require a normal login to the google account you want to use to authorize your script.
Using Google APIs on Apps Script can be done using two different patterns:
Pattern 1: Built-in Google Services
You can use the Apps Script scaffold G Suite Apps classes to work on G Suite Documents, Sheets, Forms, Slides and more. This will feel like programming with native classes and interfaces than using an over-the-internet API.
Pattern 2: Advanced Google Services
Advanced services are essentially thin wrappers around the Google APIs. They You must enable an advanced service before you can use it in a script. To enable the Advanced Services visit the guide here
References:
Built-in Google Services
Advanced Google Services
What is the difference? Can you combine Google Apps Script with Google Rest API? Or is the Execution API the alternative?
Thanks, I really appreciate it.
The Execution API is a REST API.
There is no such thing as the Google REST API since REST is an architecture, not a Google service. Many Google APIs have REST or at least REST-like interfaces.
REST is an acronym for representational state transfer. As per usual it is impossible to explain this without provoking dozens of comments that point out the explanation is wrong or incomplete, so I refer you to the Wikipedia page.. But important features of REST are that resources are represented by URLs and that different http verbs (get, put, post etc) can evoke different responses from the server for similar resources (which adds purposefully a few constraints, i.e. GET is not supposed to do destructive operations etc.).
So "REST" is a specific way to design an API and Google used this design for the Apps Script Execution API.
These are entirely separate.
The Google REST API's are provided by Google and allow you to interact with their services from an external location. Essentially your code can call code written by Google, to impact Google services.
The Google Apps Script Execution API allows you to expose functions you have written in Google Apps Script to be called from an external location. Essentially this allows you to call custom code which is hosted by Google from an external location.
The key difference here is that the Google REST API has nothing to do with Google Apps Script, while the Execution API is all about letting you call Google Apps Script code.
You can certainly mix both in a given project, depending on what you are trying to do. Google Apps Script can even make use of the REST API, although
that is often not needed.
If you are trying to figure out which one you need, read about Google Apps Script and determine if working in that language is suitable for your project.
If you are planning to work from another language like Python or Java, then you probably need the REST API. Finally, if you want to work in Python or Java, but call some pieces of code written in Apps Script, then you should look at the Apps Script Execution API.
I want to retrieve all the user data of my domain in a spreadsheet, so far i am able to retrieve first name email id last name ,storage quota and password change when next time i log in. But I am unable to get details like Apps enabled,License,Contact Sharing,Email Routing - Google Apps Email,Email Routing - Inherit routes , Mobile Devices,Date Snapshot,Date Change,Change Comment,Action done by etc.
I am basically not able to get any API for this all i am getting some JSON or XML codes but what if i entirely want it in GAS only no other files.
Some of what you are looking for is best requested via the Admin SDK. You may want to also check out other Google Data APIs in more detail, you could put together some good reporting tools.
Many of the APIs can be used in Google Apps Script by using the UrlFetch service. There's an OAuth flow built in that service that is quite nice for OAuth 1 flows, and it's not too bad to create a decent Google OAuth 2 flow with UrlFetch as well.
Then you can make authenticated requests to those APIs and handle the responses accordingly with Apps Script.
I have an app that consists of two parts
an installed application (more specifically: a browser add-on) that runs on the user's machine, and
a web app implemented as a stand-alone Google Apps Script app using HtmlService.
The two parts talk to each other and both access some Google APIs on behalf of the user via Oauth. To do this, I set up an API project in the Google API console. In the section "API Access", I created a client of type "Installed Application" for the browser add-on. For the Apps Script part, Google takes care of the authorization flow automatically.
My problem is that Google does not know that these two clients are part of the same project. Therefore, the user has to go through two authorization steps in a row when executing my app for the first time (first, the Oauth process for the browser add-on and then the automatically generated authorization process from Google Apps Script). This is very confusing to the user, especially, since the splitting between the browser add-on and the web app is rather an implementational detail about which the user shouldn't really have to bother.
Is there a way to unify the two authorization flows? I know that one can add several distinct clients to a single project in the Google API console. It seems to me like this feature is explicitly intended for scenarios similar to mine, where more than one application make up what is perceived as a single service by the user. Unfortunately, web apps that are implemented in Google Apps script don't seem to be compatible with the Google API console because of the way Apps Script generates the authorization flow automatically. Or am I missing an option in the API console or in the Apps Script editor?
For future reference: I found out that Google automatically creates an API project in the Google API console for each Google Apps Script project. This seems to be a fairly recent feature. One difficulty for me was that these API projects don't show up when one goes to the API console, clicks on the name of whatever project is currently opened in the upper left corner and chooses "open". Apparently, the only way to reach the auto-generated API project is as follows:
Go to drive.google.com and open the Google Apps Script project.
Chose "Resources --> Use Google APIs...".
In the popup, click the link to the Google API console.
In principle, this should allow to add additional clients to the project, as long as none of the other clients is also a Google Apps Script project. I haven't been able to test this since it still doesn't solve my specific problem: Sending e-mails from the user's Gmail account seems to be a feature unique to Google Apps Script and I couldn't find an Oauth2 scope for this operation. Therefore, I still cannot ask for all required permissions in a single authorization flow. But if anyone who's reading this has a similar problem with different Oauth2 scopes, the above instructions should fix it for you.
Anyway, I solved my problem in the meantime by no longer using Google Drive to upload files.