I'm trying to interpret the Google Maps API terms of use. It says an app must be "freely and publicly accessible". But there is an exception for mobile apps in section "9.1.2 Exceptions" shown below. It's not clear to me if "for a fee" means that the app must have a non-zero price. In my case, I have a purely mobile app that would be available in app stores for free, but the full use of the app would be limited to a select set of users. The terms also say I can require users to log in to use it. Is there a requirement to provide log in credential to anyone?
9.1.2 Exceptions.
(b) Mobile Applications.
(i) The rule in Section 9.1.1(a) (Free Access) does not apply if your Maps API Implementation is used in a mobile application that is sold for a fee through an online store and is downloadable to a mobile device that can access the online store.
The ToS exception for mobile applications essentially fully excludes Android applications from both the Free Access and Public Access requirements. You do not need to to require users to log in nor do you need to provide public access to all users.
The rule in Section 9.1.1(a) (Free Access) does not apply if your Maps API Implementation is used in a mobile application that is sold for a fee through an online store and is downloadable to a mobile device that can access the online store.
The rule in Section 9.1.1(b) (Public Access) does not apply if your Maps API Implementation is an Android application that uses the Google Maps Android API.
Related
Did anyone successfully implement Google Analytics 4 in an Adobe AIR app?
We have an Adobe AIR application (for Windows desktop) which currently sends tracking data to Google Analytics, and it works fine: we get to see the result in Google Analytics dashboards as well as in DataStudio.
Google documentation explains how to move from GA to GA4, but it relies on javascript in webpages, which is not relevant to an Adobe AIR project.
We tried to change the endpoint API URL, the GA property ID, add the api_secret & measurement_id parameters. We still don't see any data in GA dashboards.
We don't really know if switching to GA4 is supposed to be this straightforward, or if it would require a deeper rework of our actionscript code to take into account the new GA4 features & requirements.
This is very similar to this issue:
Google Analytics 4 - Measurement Protocol API used without gtag.js or firebase
GA4 seems to be very limiting compared to UA for non web and mobile apps; it seems to only support data from either the firebase or gtag SDKs or GTM (also web based). Apps such as desktop apps that previously used HTTP web requests via the Measurement Protocol are handicapped; it is only meant to augment the other data.
In my opinion this is a huge step back for GA.
I have a requirement to block/restrict specific add-ins for user(s) in accessing. I could able to block add-ins using google admin portal ( Security -> API Control), which solves the problem but instead of doing this manually, I would like to automate the same using google APIs. I tried to explore users, tokens, etc APIs but could not find an option. Appreciate if you can suggest an option to achieve this functionality through API. Providing more details for better understanding: To get the list of users, I am using Directory API : https://developers.google.com/admin-sdk/directory/v1/reference/users/list?apix_params=%7B%22customer%22%3A%22my_customer%22%7D and to get list of apps installed by the user I am using Directory API : https://developers.google.com/admin-sdk/directory/v1/reference/tokens/list?apix_params=%7B%22userKey%22%3A%22test%40test.net%22%7D Now I would like to block a specific app for specific user using Directory API. Similar feature in Microsoft: https://learn.microsoft.com/en-us/graph/api/resources/conditionalaccesspolicy?view=graph-rest-1.0
Adding feature request link: https://issuetracker.google.com/issues/174422078
I have developed a google apps script web app, in conjunction with an MIT App Inventor app, that will/should allow a user to access their own google drive/sheets/documents.
I am having trouble connecting to the web app through the Appinventor app's web component (not a webview), after the user had given their authorization to use the web app via their device's default browser (Chrome).
My Web App is connected to Google Cloud Console and has been verified by the Trust and Safety Team at Google. The app is set to "User who assesses the app" and "Anyone". I can't use the native webview in AppInventor, because Google blocked this off for authentication in 2016.
The web component offers GET/POST/PUT HTTP functions but I have no idea how to get the authorisation codes and tokens for a user in order to access the web app. (Note; the web app has no GUI, it simply receives GET requests and returns text/stringified json output for a range of functions.) I have been able to translate many curl examples in other situations to good effect with the web component, but not for 0Auth.
I have done my best to read up and use the offerings from Google on 0Auth, but just get lost halfway through, as always, nothing I do is quite the same as the examples or documentation provided.
How do I, therefore, construct HTTP GET URLs, with all the various authorization codes and tokens already in place, that will authorize the Web App to work for the user?
A simple request would be like this:
https://script.google.com/macros/s/AKfycbyZ_27nLOKi8ssX........Bz40yAbGfJt_TRswvm6zpY/exec?func=authenticate
which would return the text output "Authenticated"
With a web browser (Chrome) all of this is fairly straight forward for a user. If they are logged into their Google account in the browser they go to the URL provided for my web app, they will be asked to authenticate, and give my Web App access to their google account. Once accepted, 'magic' happens in the browser (any 'magic' happen at the web app end?), and as long as they stay logged in, they can use the browser to send GET requests (URLs with parameters) to the Web App and see the results returned in their browser. Happy days.
In my scenario, I do not have a suitable web browser capable of all of the above. I have a web component that can send GET/POST requests to web services, and handle the server responses. (think of it as a web 'terminal'). I can, therefore (hopefully) construct URLs with all the right content, codes, and parameters. Remember that this has to be straight forward for the user, who will not be interested in 'back end' activities, they will just want to use the app to do things on their google drive.
They need to, I guess, at the very least, perform the authentication in a web browser, to connect their Google account with the web app. Then with the web component connect to the web app using authorization codes and access tokens, as them (their google account) so that actions by the web app occur on their google drive. As stated above, the web app is set to "User who accesses the app" and "Anyone". This is the part I need help with. I do not understand what I need to do to connect the user to the web app without using a web browser.
This is the kind of thing I mean:
https://developers.google.com/gdata/articles/using_cURL
Your setting of Web Apps and goal is as follows.
Web Apps is deployed as Who has access to the app: Anyone.
You want to make users access to Web Apps.
Issue and solution:
In the current situation, there are the following situations for using Web Apps.
When the users access to the Web Apps by each browser, the users can access by logging in to each Google account.
When you want to make users access to the methods (for example, curl command and script) except for the browser, it is required to share the Google Apps Script project of Web Apps with the users.
Unfortunately, it seems that above situation is the current specification. I confirmed the change of this specification at April 11, 2018. Before this change, the users had been able to access to the Web Apps by the curl command and script with the access token without sharing the Google Apps Script project. By the change of specification, when the project is shared with the users, the users can access to Web Apps using the access token.
In this case, it is required to include the access token to the request headers. Because in the current stage, access_token=### as the query parameters cannot be used. Ref
Note:
From this situation, I think that when sharing the Google Apps Script project is not the direction you expect, in the current stage, the Web Apps with Who has access to the app: Anyone cannot be used by the method except for the browser.
References:
Taking advantage of Web Apps with Google Apps Script
Web Apps
I want to develop a comercial App that works in connection with gmail, Google calendar and other Google products. For what I see, Google Apps Script would give me the required functionality but I cant seem to find the answer to a couple of deployment issues. In the Google Apps Marketplace article on Wikipedia I read this:
Google Apps Marketplace is a product of Google Inc. It is an online store designed to help people and organizations to discover, purchase, and deploy integrated cloud web applications that work with Google Apps (Gmail, Google Docs, Google Sites, Google Calendar, Google Contacts, etc.) and with third party software. Some apps are free, some are paid for. Apps are based on Google APIs or on Google Apps Script.
But then, looking into the Google Apps documentation, the only distribution mechanisms I find are the "Script Gallery" which implies access to the source code by the end user and no comercial transaction or Chrome Web Store which is bound to Chrome Browser, while what I intend to do is aimed at Google Sites or Google Apps users and perfectly Browser Agnostic. My questions are:
Can I bundle a Google Apps Script based App for sell in the Google Apps Marketplace ?
Can I deploy it without the end users having access to the source code?
The short answer is no. Google Apps Script imposes daily quotas on all of their GAS APIs. These quotas cannot be extended in any way, so it is not feasible to deploy this on a commercial scale. You should take a look at Google Apps Engine which gives much more flexibility for what you want to do.
There is a workaround that I did in the past. I had an installation script (that ran as me) that collected user properties and the actual app script that ran as the individual user and referenced the user properties collected. At the time I didn't set user script properties but you could do that to bypass the first install script I would think. When the user installed they would get an email with the user script link and then they would authorize it separately. Install link was distributed through Google Checkout (deprecated now) but you could do electronic distribution through another venue. Not a traditional app distribution process by any means but maybe it will spark an idea for your specific case.
#Javier - we too arrived at the same conclusion. Google Apps Marketplace (GAM) deployment is just one of the channels to reach businesses but its the un-extendable Google Apps quotas that cripples a commercial deployment of a Google Apps Scripts (GAS) based WebApp.
We tried listing our webapp based on GAS directly into GAM but it failed their SSO requirements as there was no way to use domain-wide delegation to authorize the GAS permissions for the end users if the webapp ran as "user accessing the web app".
While we migrate to a fully stand-alone application, we have managed to deploy a restricted version of the app to GAM indirectly using a GAE instance as a proxy.
Here is how its deployed.
The GAM listing links to a GAE proxy app.
GAE proxy does GAM compliant SSO and redirects all subsequent access to our publicly accessible webapp in "run as me" mode.
GAE proxy passes on any domain data authorized by the GAM client to the webapp.
Implement security mechanism to block unauthorized access to the public webapp and accept calls ONLY from the GAE proxy.
Our current customers (very small businesses/startups) are fine with this security model, but I am afraid this will not scale for larger commercial deployment.
#mrschwen: we too are considering your exactly approach in mind to mitigate quota issues in case our app gets wider adoption until we are forced to move out of the GAS space, even though the end users will be forced to authorize our scripts which will run as 'user accessing the web app'
Maybe I'm missing something but is there a way to build a free app that integrate Google Drive without having the rate limits "per app"?
If you are not going to release the source code (e.g not making easy for other developers to "steal" your application's client ID and secret), you can request more quota from the APIs Console page under the "Quotas" pane.
For open-source project, I would advise in asking the user/developer to create their own API Project from the APIs Console and provide a "wizard" type setup for them to enter the necessary information.