Google Script App deploy only for one person - google-apps-script

I got a little bit stuck right now at deploying my Google Script App.
I've developed a Google Script App, which is embedded directly into
Google Drive (Spreadsheet). It's not a Web App, it's a user interface
in Google Spreadsheet (sorry, but i have to be clear).
That Script is just for one person in another company.
How can i deploy my script to her?
I've read about Domain-Wide-Installation and publishing an App to the marketplace, but i want to deploy it just for her and no one else.
How can i achieve that?
Thanks
Best regards

A big thanks to Sandy Good.
"You can publish an Add-on as "unlisted", which means that it can not be seen in the Chrome Store, and does not need to go through the approval process. When an add-on is installed, it has the authority to check the users email address. So, you could set it up so that it could only be installed by this person. An Add-on will keep the code from being accessible to anyone. Although you might want to also use private functions. I don't know if there is a better way for the Domain Administrator in a paid account to do what you want. I don't know anything about that." - Sandy Good.
That was exactly what i was looking for. Thanks

An add-on can also published for testers. Those testers must be part of a google group. Maintaining a group is easier.

Related

Google Docs Script: Sharing a script in my account / unreviewed scripts via Marketplace (replacement for previous chrome add-ons store)

Am I correct that there is NO direct replacement for this process on marketplace:
publish unlisted on chrome add-on store
directly share the link with others who can use the script
In particular, the mechanisms allowed me to use a script that I write across all my google dsocs.
With the move to marketplace, is there any way in which I can do this? I.e., write a script (container-bound or otherwise) and have access to it from ALL my google docs?
This is not about privacy: I am super-happy for the script to be shared with others or be public, but the review process has already turned down the script as unfinished. However, the script does what I need it to do... so I'd like to be able to use it across my google drive primarily... however, with the new google marketplace that doesn't seem to be possible.
One way may be via Google Suite domains. That seems to allow for internal publication. However, I've done that, and so far not received an acknowledgement or notification (while the GSuite page says 'under review'). My understanding was that internal scripts weren't subject to review.
Would anybody be able to comment on this and confirm, clarify or refute this understanding?
The move to Marketplace has certainly caused a lot of confusion! Trying to find all the tick-boxes can be difficult.
The two main places to look are the OAuth Consent Screen, where you need to make sure it is Internal (you have to have a GSuite account for that):
And the Marketplace SDK under Configuration check it is set to Private (although note that if it has transferred from the Chrome store it may already be set to Public, and this can't be changed). And under Publish it is set to unlisted.
This "unlisted" setting may be the crucial one for you as even if it is "Public" it won't be in the Marketplace, but will only be available via a link. But if it is "Public" I don't think you can make updates without going through the verification process. But if you don't go through the verification it should still be available.
Hope this helps, happy to answer any other questions.
Andrew

How to develop/test a Google Script app that is not verified

Recently Google announced OAuth Client Verification
I don't get it. Before verifying an app with Google, I have to develop one, right? But how do I test it, if I don't have the option to run it for myself as a developer without any verification restriction.
For example, I'm developing an app that uses Drive. I need access to Drive at least for myself. Or am I missing something.
Anybody, please help!

Sharing google sheets udfs with coworkers and how to tell if your company uses google apps for work

I read this:
https://developers.google.com/apps-script/guide_libraries
and
Distributing Google Apps Scripts for Sheets in your company network
I have a simple udf for google sheets that I'd like to share with a couple other people. Whenever I need it for a new sheet, I just copy and paste the code into the script editor and run a smaller function in debug mode. Then the computer asks if I give permission to my little script to run and I say yes. If other people want to use my udf, I can't expect them to do the same thing because they're not programmers. Well, I'm not either, but I try. Anyway, is there a way to share it without publishing an add-on or that domain admin sequence of events or anything involving long authentication strings or oauth2.0. all of this is too overwhelming for me as I'm not a real programmer.
Also, is there a way to share the udf without sharing the code, because the code is constructed embarassingly and more importantly, there is some info I'm not sure I'm allowed to share.
Speaking of things I'm not sure of, I'm not sure if this counts as an app for work because we use the app for work, but it seems like your company has to pay for something to be considered an app for work even though these apps seem like they're for free.
Apparently there is an open issue regarding Protect Google App Script. It would be best to follow this ticket to be update on how you would be able to protect your apps script code. Migrating your code to an external script and make it as a library would protect your code from editing but not from viewing.
Creating an app for your company may not be considered as an app for work. According to this document:
Google Apps for Work adds business-specific features such as custom email addresses at your domain (#yourcompany.com), at least 30 GB of storage for documents and email, and 24/7 phone and email support.

How to Deploy Google Apps Script for Domain?

I have a script that I would like to make available to all the users of our Google Apps domain, but I don't want to publish it to the Chrome store. We would like to avoid deploying it from a single user account. How is this normally done?
It really depends on your use case, but there are a number of ways this might be achieved from publishing a code library (and limiting the sharing of the link), hosting it in a Google Site to publishing it as a url triggered webservice.
It depends on whether you want to share the functionality to others or literally the code.

GAS gadget inserted to googleSite... for non-google accounts

I think this is the same as my question: http://code.google.com/p/google-apps-script-issues/issues/detail?id=852
But just to be clear: Google apps scripts won't run on a Google Site without a google/gmail user being signed in?
...are there other google products where GAS can be deployed for non-google accounts?
Thanks,
Nathan
False. You can embed an Apps Script in a Google Site using Insert > Script Gadget. Just be sure that the publishing setting is set to "Anyone, even anonymous".
You've got two different levels of user identity at work here, if not three or more. I will try to pull them apart for you in a clear way.
Google Sites can work for users of Google and non users. It depends entirely on the sharing settings for that site. If you share it with the world, it will be shared and indexed by search engines. If you share with anyone with link, search engines won't index it but no user will have to sign in to use the site.
What you are embedding in a Google site may have it's own user identity issues. The easiest way to manage these is to go into 'Publish' menu, and 'deploy as Webapp'. You will then see a menu that asks which account the script should be run under, essentially you or the user. And then which people to allow access, which you would select 'Anyone, even anonymous'.
This will run that app as your account, but allow anyone to call it. Works great for allowing the public access to a form created in GAS.
Now the other problems. It may be possible for you to have code in your GAS that specifically calls for a user. In that case all of the prior settings don't matter. When the script looks for a user and finds nothing valid it will error. These call are pretty obvious though and are more rarely used. (At least in my experience.)
But, in short, yes! You can certainly embed GAS into Google sites to be called by anonymous users.
Example of mine: https://sites.google.com/site/greenmountainretreat/sign-up
The issue you are referring to is about inserting i-frame gadgets into non-Google sites... please don't confuse things... and read the issue report thoroughly.
If you want another example...