Is there a to enable "Allow less secure apps" for domain users using Google Apps Script? I browsed the G Suite Admin SDK reference but couldn't find anything. There's ResolvedAppAccessSettings: ListTrustedApps in Directory API > Security, but it's not what I wanted.
Thanks.
Unfortunately there is none. You can check this FAQ Allow or disallow less secure apps to access accounts and there is no mention of programatically way of doing this.
However, you may try to check the workaround in this google forum if it works for you.
This might not answer fully but Just to let everybody know that less secure apps module (https://myaccount.google.com/u/0/lesssecureapps) is deprecated.
A new option - apppasswords is available to get authentication done via following link.
https://myaccount.google.com/u/0/apppasswords
Use 16 digit code provided by google instead of password and that should be it.
Note: 2-factor authentication needed to be enabled before proceeding.
Related
Am I correct that there is NO direct replacement for this process on marketplace:
publish unlisted on chrome add-on store
directly share the link with others who can use the script
In particular, the mechanisms allowed me to use a script that I write across all my google dsocs.
With the move to marketplace, is there any way in which I can do this? I.e., write a script (container-bound or otherwise) and have access to it from ALL my google docs?
This is not about privacy: I am super-happy for the script to be shared with others or be public, but the review process has already turned down the script as unfinished. However, the script does what I need it to do... so I'd like to be able to use it across my google drive primarily... however, with the new google marketplace that doesn't seem to be possible.
One way may be via Google Suite domains. That seems to allow for internal publication. However, I've done that, and so far not received an acknowledgement or notification (while the GSuite page says 'under review'). My understanding was that internal scripts weren't subject to review.
Would anybody be able to comment on this and confirm, clarify or refute this understanding?
The move to Marketplace has certainly caused a lot of confusion! Trying to find all the tick-boxes can be difficult.
The two main places to look are the OAuth Consent Screen, where you need to make sure it is Internal (you have to have a GSuite account for that):
And the Marketplace SDK under Configuration check it is set to Private (although note that if it has transferred from the Chrome store it may already be set to Public, and this can't be changed). And under Publish it is set to unlisted.
This "unlisted" setting may be the crucial one for you as even if it is "Public" it won't be in the Marketplace, but will only be available via a link. But if it is "Public" I don't think you can make updates without going through the verification process. But if you don't go through the verification it should still be available.
Hope this helps, happy to answer any other questions.
Andrew
I have a Chrome extension that uses the Gmail REST API to send emails on behalf of the user. This API requires an Oauth2 token, which I'm retrieving using chrome.identity.getAuthToken.
The Problem
However, I am running into some issues with the Chrome Identity API. In particular, if the user authenticates with chrome.identity with a different Gmail account then the one they're signed into Chrome with, then they are prompted to re-login every hour or so (which doesn't happen if the accounts are the same). In addition, I'd like to minimize the number of permissions my extension asks for as a general principle (permissions sometimes introduce warning messages on install and risk disabling existing users on update), so I'd like to not have to ask for the "identity" permission if I can avoid it.
My Question
How can I authenticate the Gmail API in Chrome Extensions without using the Identity API?
Current Progress
I initially tried using Google's Javascript Client for auth, but that seems to be incompatible with Chrome extensions. After having searched other SO issues and some Google materials, it seems that the Identity API is indeed the recommended auth solution in Chrome Extensions. However, for the UX reasons mentioned above, I'm finding this solution problematic. And I do think an alternative should be possible -- for example, the MixMax Chrome extension, which uses the Gmail API, does not ask for the Identity permission.
Any help would be much appreciated! Thanks!
I'm searching for this like crazy and I just can't find a answer.
Imagine this. I have a "master" account. Using the Docs API I will grant access to users to some documents. But I need my addon enabled in every file. The users that will have access to the documents are not under my organization G Suite or anything. They are random gmail users.
Is there any way to do it? (besides of doing it manually) I couldn't find it in the documentation.
It's not possible to disable an add-on, but an alternate solution is to create a service model inside your add-on. Maintain a DB of users that have installed your add-on, using this you can develop a logic which user is allowed to use an add-on.
This is by far the best solution I can think of.
I have a web application which have a document upload/download feature. I'd like to use Google Drive for storing these documents. Is it possible to have the web app own a regular Google account but that doesn't require user's consent for the app to access the Drive? Or is this only possible using a Service account?
Yes it's possible. see stackoverflow.com/questions/19766912/… for a set of steps to do this. "own" isn't quite the correct term, "access" would be better.
I have a bit of a nagging problem here. At my current position, we have a Google Apps domain set up (for the sake of this question, it will be pennmanor.net) and I would like to determine a way to log in to Google Chrome (the web browser) and connect the Apps account to sync the settings.
I have found this article: Bug Report that describes the issue, which has been resolved. I have made sure that the options described in Comment 64 are correct, but still no sync. Other articles suggest that it is simply a matter of punching in the credentials and thats it.
We do have a custom SSO and Active Directory set up with the apps account, would this possibly be the cause of the problem?
Does anyone know what I might need to do to enable account Google Chrome to sync pennmanor.net account?
Are you setting user's Google password? Chrome Sync will not use the SSO password. If your users are stored in Active Directory, you can use the Google Apps Password Sync tool to sync passwords from AD to Google as they are changed:
http://support.google.com/a/bin/answer.py?hl=en&answer=2611859