I read the OAuth documentation on Box's website, and understood the steps to give resource access to application.
However, it looks like all resources (all folders and files) under box account will be exposed to authorized application. Is it possible to only give certain folders' access to application instead of all of them?
thank you very much.
We're in the process of building out additional scopes but currently the only one available is full account read/write.
Related
The product I'm working on currently uses the scope "https://www.googleapis.com/auth/drive" (which is now "restricted" by Google), which gives full read and write access to a user's Drive account, including app metadata. But we only need read access to list all files and folders inside a specific folder, and we need to be able to download those files, that's all.
Google Drive API will soon apply the new "restricted" scope policy (https://support.google.com/cloud/answer/9110914#restricted-scopes), which will require us to go through a very expensive audit (tens of thousands of dollars...). Is there a possible workaround to get 'read-only' access on a specific folder, and avoid the audit (note that https://www.googleapis.com/auth/drive.readonly is also a restricted mode)?
I'm aware of the "https://www.googleapis.com/auth/drive.file" scope (which is "recommended" by Google, so no audit required), which almost solves this problem. But we have thousands of users bringing in data from multiple Drive Folders, and pushing new files daily. This scope would introduce a manual step for a client each morning to have to "approve" every new file, and this would be a big scalability/usability problem.
Ideally, I would like Google to add a new scope, like a read-only access to anything inside a folder, before they go forward with their audit... but i doubt that this will happen soon.
Does anyone know of a better option?
[EDIT] For reference, here is the list of scopes and we can see which ones are "restricted", "sensitive" and "recommended" : https://developers.google.com/drive/api/v2/about-auth
Solution
Hi! So after taking a better look at this it seems that restricted scopes do NOT require any paid audit. The main difference is that they will have a wider access to user's data and thus it requires you to go through a restricted scope verification process.
You can use these restrictive scopes (the one that best fits your application) without the need of paying any audit. See more information about how to implement restrictive scopes here.
For a gmail add-on we are developing we need to be able to put different API url's for development vs. production, along with some other configurations. What would be the proper place to put these configurations and how to read them? I saw we can add script properties from Project Properties window and i am guessing we can read them using PropertiesService, but the problem is how can we have different configurations based on environment.
Any ideas?
As you said, store them in the Properties Service, specifically, the Script Properties. You can still access them and modify them after you publish.
I need to upload my files(documents,images,videos) to a 3rd party server using my own application and need to retrieve them. But there should be a way to give access levels to files. I checked google drive supporting this.But they have no option to give my application's user level access to files. They are giving user level access with google accounts. I need set my user account access to files.
Please advice me if there is anyway to do this.
I built some widgets and uploaded on my local marketplace, is there a way to share that?
And better is it possible to share a Mashup (the widget composition) without giving the
possibility to wiring to the user?
I mean the user should use an application layout without change anything.
You can make public your workspaces/dashboards following the steps documented in the user guide. Only the owner of a workspace will be able to modify it. I think this is what are you searching for.
Another option is to create a packaged mashup using the "Upload to my resources" option in the editor view:
Take a look to the "Advanced" tab, where you can block widgets (make them unremovable), block connections (make wiring connections unremovable) and embed used widgets/operator (by default packaged mashups depends on the user having installed all the required widgets/operators. This way you can distribute the widgets and operators used by the mashup in the same package).
However, take into account that this method is meant for sharing mashup templates, the user will always be able to add additional widgets and create new connections in the wiring view.
Once packaged, mashups/dashboards (and widgets and operators) can be uploaded to a WStore server (e.g. to the Store portal provided on FIWARE Lab) for sharing them with other users. The steps for making this is also described in the WireCloud's user guide.
I have the problem, revisited.
I have set up a working Marketplace instance (v2.3) but am unable to integrate it with Wirecloud. The marketplace is correctly registered but all the requests i am making to this Marketplace are throwing 502 error, even though i am actually able to see some results when querying the Marketplace server through a browser.
Indicatively, i can issue a GET command at http://:8080/FiwareMarketplace/v1/registration/stores/ and get an answer, but Wirecloud's internal APIs return a 502 (Bad Gateway).
Any idea on what might have gone wrong?
PS: This happens for WC v0.6.5. When upgrading to a newer (Beta) version of WC, everything seems to be performing as expected, i.e. the marketplace is correctly inserted and the stores are correctly retrieved and processed.
I am looking to transfer users from one domain to a different domain within our Google Apps. We don't want users to manually move their files and we cannot have our admins transfer them (we have 50K + users to move).
Is there any way within Google's API's that I can program a method to transfer files within an executable? Please if there is a way to do it in .Net that would be most desired.
See the permissions.insert() reference. There's a .Net sample on that page that should get you started.