GAS external user authentication - google-apps-script

We are an Italian municipality, and we have to start a Google site to let people report city issues.
Unauthenticated users can post or view issues.
Authenticated users of the Google domain can edit some information.
For some categories, external companies are engaged to resolve the issues. They aren't users of the Google domain, but we need to let them edit the information like the authenticated users ...
Is there a way to authenticate an external user to the Google domain?
Or a way to recognise the user working on a Google site?
Thanks,
Marco

You can invite users who do not have a Google account to be site editors. This is done with the standard site share settings. An email containing a link with an access token will be sent to the user's email address you added. The user will have to click that link to open the page in edit mode.
If a user shares this link it is effectively sharing his editing rights to your site.

Related

How to avoid Restricted Scopes OAuth verification process for private scripts used only by me?

I have received an email from Google with the subject: [Action Required] Submit your app(s) for Restricted Scopes OAuth verification, same as many of you.
I'm using GAS only for developing applications for my personal use, not for the public. Applications such as sending summary emails to my clients when they buy a product from my web pages.
Do I have to go through the whole process of verification?
Do I have to create public Terms of Service?
Is there any way I can explain to Google that my applications are not used by anybody other than me?
How can I know for sure that my app won't stop?
I have read through the FAQ (https://support.google.com/cloud/answer/9110914) and many other documents by Google about this topic.
I have checked similar questions found on the web, but with no luck finding answers. It looks like it's a pretty new experience for all of us.
Thank you for any advice.
I have a personal account, so I can't use the "internal apps" selection; this works only for paid G Suite customers, which I'm not.
EDIT:
As Yoel Vinitsky stated, an app doesn't need verification if it has only one user.
Here at the bottom: https://support.google.com/cloud/answer/7454865 is a table which shows that there is a quota of 100 new users in total, once the app presents the unverified app screen.
It seems that I don't have to worry about verification of my apps at all, because I'm the only user, or maybe I use this app from 2 or 3 more user emails, so it should be OK. My question is, is it going to be OK without verification or not?
EDIT 2:
Google sent a clarification email:
NO ACTION is required if:
Only owners use the project: If the project is only used by owners of the project, no action is required.
To determine whether you are an owner (versus an editor or viewer), follow these steps:
1) Click the project link above to navigate to its OAuth Consent Screen configuration page.
2) Click the Navigation Menu button in the upper-left corner, select IAM & admin, and click IAM. This will show you all project contributors and their roles.
The project doesn’t have users outside of your G Suite domain: If the project owner is using a G Suite account and the project is only used by Google Accounts in the project owner’s domain, no action is required (learn more here).
But the question is how to avoid verification with personal accounts for my own scripts used only by me?
As mentioned in the support FAQ you linked to:
When can I skip publishing my app for a review?
You do not need to request for verification if your app is going to be used in any of the following scenarios:
1) The app is not shared with anyone else.
2) The app is used to send emails through WordPress, or
3) similar single account SMTP plug-ins.
The only drawbacks should be the warning that your app is unverified and maybe quota limits.

How does Google manage one account for multiple sites like YouTube, Google Drive, Gmail

Google has multiple products like YouTube, Gmail, Google Drive and many more. When we log in to one product like Gmail and then visit another product like YouTube, we are already signed in to the same account without logging in again. My question is how Google uses cookies for different domains like YouTube, Gmail and others. If anyone knows about this, please let me know. Thanks in advance.
This is not a Google-specific thing. You have to study more about single sign-on and claims-based authentication to understand how this is achieved.
The common protocols used in these scenarios are OAuth and OpenID Connect.
Basically, 3 parties are involved here: the user, the application, and the IP (identity provider).
In this example, Gmail, YouTube and Google Drive are all applications. They all use Google (accounts.google.com) as the identity provider. When the user tries to access an application (Gmail, YouTube), he is redirected to the identity provider (accounts.google.com) and gets authenticated. The identity provider issues a cookie (from the accounts.google.com domain) to the user. The application receives a token from the identity provider saying the user is authenticated, and after validating the token, the application also issues another cookie (from gmail.com or youtube.com) to the user.
As long as the user has the cookie issued by the identity provider, he does not have to sign in again when he logs into an application that uses the same identity provider.
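
The flow described in the answer above, as an added Node.js simulation that is not part of the original post and is not Google's implementation. The hostnames, the user, the password, the token layout and all function names are constructed for illustration; the application verifies the identity provider's signature, the audience and the expiry before issuing its own cookie.

```javascript
const crypto = require('crypto');

// Constructed demo data: hostnames, user and password are illustrative only.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
const USERS = new Map([['alice', 'constructed-password']]);
const idpSessions = new Map(); // IdP session id -> user; stands in for the IdP-domain cookie

// Identity provider: authenticate once, then mint a short-lived token per application.
function idpAuthorize(idpCookie, audience, credentials, now = Date.now()) {
  let sid = idpCookie;
  if (!idpSessions.has(sid)) {
    const c = credentials || {};
    // Plaintext comparison only because this is a constructed demo.
    if (!USERS.has(c.user) || USERS.get(c.user) !== c.password) return { needLogin: true };
    sid = crypto.randomUUID();
    idpSessions.set(sid, c.user);
  }
  const claims = { sub: idpSessions.get(sid), aud: audience, exp: now + 60000 };
  const payload = Buffer.from(JSON.stringify(claims)).toString('base64');
  const sig = crypto.sign(null, Buffer.from(payload), privateKey).toString('base64');
  return { idpCookie: sid, token: payload + '.' + sig };
}

// Application: verify signature, audience and expiry, then issue its own cookie.
function appLogin(appHost, token, now = Date.now()) {
  const [payload, sig] = String(token).split('.');
  if (!payload || !sig) return null;
  const ok = crypto.verify(null, Buffer.from(payload), publicKey, Buffer.from(sig, 'base64'));
  if (!ok) return null;
  const claims = JSON.parse(Buffer.from(payload, 'base64').toString());
  if (claims.aud !== appHost || claims.exp <= now) return null;
  return { cookieDomain: appHost, user: claims.sub, sessionId: crypto.randomUUID() };
}

// Walk the flow: one login at the IdP, two applications, one replayed token.
function ssoDemo() {
  const creds = { user: 'alice', password: 'constructed-password' };
  const first = idpAuthorize(undefined, 'mail.example', creds);
  const mail = appLogin('mail.example', first.token);
  const second = idpAuthorize(first.idpCookie, 'video.example', null); // IdP cookie only
  const video = appLogin('video.example', second.token);
  const replayed = appLogin('video.example', first.token); // token minted for another app
  const anonymous = idpAuthorize(undefined, 'video.example', null); // no cookie, no login
  return { mail, video, replayed, anonymous };
}
```

The second application is signed in with no credentials because the browser still holds the identity provider's session, while a token minted for `mail.example` is refused at `video.example` by the audience check.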

Google Apps Script UI: What to do if already logged into Gmail?

I'm using Google Apps Script UI to create forms for students at my school. I've restricted access to my domain for added security, and to capture users' email addresses.
The problem is that many of our students have separate Gmail accounts. If they are already logged into Gmail (not our domain), they don't get a log-in page, but something prompting them to request access.
Any suggestions for avoiding this?
Thought I saw a request in the issue tracker for an account choosing feature, but my guess is that you'll want to allow anyone to access your web app and show a custom prompt if their email is non-domain. I don't know how well this would work with shared computers, but creating separate Chrome user accounts for each of my Google accounts has solved all my multiple sign-in pain.
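
One way to implement the custom prompt suggested in the answer above, as an added Apps Script sketch that is not part of the original post. `ALLOWED_DOMAIN`, the `Form` HTML file and the helper names `classifyVisitor`, `escapeHtml` and `promptFor` are assumptions; the blank-address case is handled because `getEmail()` returns an empty string when Apps Script may not reveal the visitor's identity.

```javascript
// Assumed value: the Google Workspace domain the form is restricted to.
const ALLOWED_DOMAIN = 'school.example';

// Classify the address returned by Session.getActiveUser().getEmail().
function classifyVisitor(email, allowedDomain = ALLOWED_DOMAIN) {
  const addr = String(email || '').trim().toLowerCase();
  const at = addr.lastIndexOf('@');
  // Apps Script returns '' when it may not reveal the visitor's identity.
  if (at <= 0 || at === addr.length - 1) return 'unknown';
  // Compare the whole domain part: a suffix or substring test would also
  // accept look-alikes such as "pupil@notschool.example".
  return addr.slice(at + 1) === allowedDomain.toLowerCase() ? 'domain' : 'other';
}

function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (c) => map[c]);
}

// Build the custom prompt shown to visitors who are not on the domain.
function promptFor(kind, email) {
  const who = kind === 'other'
    ? 'You are signed in as ' + escapeHtml(email) + '.'
    : 'We could not tell which Google account you are signed in with.';
  return '<p>' + who + ' Please sign out, or open this page in a separate browser ' +
    'profile, and sign in with your @' + escapeHtml(ALLOWED_DOMAIN) + ' account.</p>';
}

// Web app entry point; Session and HtmlService exist only inside Apps Script.
function doGet() {
  const email = Session.getActiveUser().getEmail();
  const kind = classifyVisitor(email);
  if (kind === 'domain') {
    return HtmlService.createHtmlOutputFromFile('Form'); // assumed HTML file name
  }
  return HtmlService.createHtmlOutput(promptFor(kind, email));
}
```

Repeat the `classifyVisitor` check in the server-side function that receives the form submission, since hiding the form is not access control.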

What "basic account information" is "viewed" by a Google Drive app via auth scopes?

I have read all the information and guidance and watched the videos on Developers Google Drive (sorry, I do not have enough "reputation points" to include all the links that would be relevant here), as well as Google Privacy Policies.
In the list of Google Drive auth scopes, which ones are covered by the permissions request to users for the app to "view basic account information"?
https://developers.google.com/drive/scopes
I can only find examples, rather than a complete list.
I am also trying to understand how this relates to the Privacy Policy, ie. whether this "basic account information" is "Personal Information" or "Google Account" information.
http://www.google.com/intl/en-GB/policies/privacy/key-terms/#toc-terms-personal-info
Personal information
This is information which you provide to us which personally
identifies you, such as your name, email address or billing
information, or other data which can be reasonably linked to such
information by Google.
Google Account
You may access some of our services by signing up for a Google Account
and providing us with some personal information (typically, your name,
email address and a password). This account information will be used
to authenticate you when you access Google services and protect your
account from unauthorised access by others. You can edit or terminate
your account at any time through your Google Account settings.
I have read elsewhere that the "basic account information" is not actually "viewed", ie. visible to, the app developer but is instead transmitted in encrypted form for use by the app.
(I am not an app developer - this just seems to be the only place where there are Google staff watching and answering these sorts of questions).
The user's profile and email are available if you grant access to the following scopes:
profile: https://www.googleapis.com/auth/userinfo.profile
email: https://www.googleapis.com/auth/userinfo.email
Profile stands for a Google Account and contains the user's ID, name, photo, URL, country, language, timezone, and birthdate.

How to collect google site logged in username

I'm creating a simple Google Site that has nothing on it but a form to collect respondents' information. The reason I'm using Sites instead of just a Google Drive form is that I need to offer respondents the ability to upload files. I couldn't figure out how to do it with a Google Drive form.
The site (or form) will only be shared with users in my institution, which uses Google Apps, and everyone will need to log in to their Google Apps account to view the site. I'd like to know how to capture or collect the logged-in Google Apps username viewing the site. Thanks.
If all your users are within a Google Apps domain, then collecting the username is rather straightforward. Use
var username = Session.getActiveUser().getUserLoginId();