Is there a way to delay the Authorization Dialog in a stand alone Google Apps Script?
I have a public script that needs to be granted several permissions from the active Google user. I want to tell the user how the script works before asking for all those permissions.
It is not obvious why I need access to all the services, so this dialog looks scary :
https://developers.google.com/apps-script/scripts_google_accounts#grantingAccess
My script is a "web app' with the UI Service so the first thing to be displayed comes from doGet(), but the permission dialog opens first. Isn't there a way to delay the dialog until the permission is actually needed ?
One possible way would be to call the script from a dedicated website I suppose, but that's not simple.
One workaround is to have two web apps:
The first is an 'intro' web app that runs using your account, so it doesn't prompt the user.
Then, you redirect them to a second web app that runs using their account, which will prompt them.
Related
I made a new google sheet with a simple script that does an external call with UrlFetchApp.
However, when I try to run or test the code, it says authorization required. App needs permission. I then click on review permissions, followed by clicking on my Gmail account.
Sign in with Google temporarily disabled for this app
This app has not been verified yet by Google in order to use Google Sign In.
Any advice on how to resolve this? Why is this showing up for my own unpublished unfinished code?
Reasons
Making external calls is a sensitive scope. If by any chance you tried to authorize from any (reauthorizations count as well) account 100 times (see user cap help page) throughout the development process, you will not be able to proceed.
That is usually the primary reason for this screen, but sometimes you get locked even if the project is new (for example, for some G Suite accounts). If that happens, in my experience the only way to fix it is by going through the review.
There is also a thread on the issue tracker if cannot resolve it with methods listed below.
Finally, take a look at related Q&As:
"Sign in with Google temporarily disabled for this app" error when trying to authorize a script
How can I bypass "Sign in with Google temporarily disabled for this app" in a Google Sheets script?
How to fix
Switch the Google Cloud Platform Project to a new standard one. This will reset the counter.
Create a new bound script from a new Google Sheets spreadsheet (this works the same as switching GCP, as a default cloud project is assigned to the script project).
Go through the OAuth verification process. Don't worry, it is not that long and only requires a video of how you use the scopes.
I'm developing a container-bound Apps Script add-on. I need to demonstrate the installation process as part of the OAuth verification process. I can't publish my add-on without OAuth verification, and there doesn't seem to be any other way to demonstrate the installation.
Some options I've considered are:
Publishing as a private add-on. However this isn't an available option for me. It's not visible in my console, possibly because I've already set it as a public add-on and the link above indicates it's not possible to change visibility
Installing an unpublished addon-on. This also doesn't seem to work, possibly because my script is container-bound, or for some other reason. I can share the script with other accounts, but they're unable to install it; they have no visible installation button.
So I feel like I'm caught in an unfortunate loop whereby I can never get my app verified without it already being verified.
Actually it turns out I was able to do this without publishing it at all. Following #TheMaster's advice, I created a new standalone Apps Script project, and then copied all the code from my previous add-on.
Then, I ran Run → Test as Add-on in the Apps Script IDE, chose a spreadsheet to test it in, and clicked on the add-on menu. Note: you have to actually click an add-on menu item, the authorization screen won't appear before then.
This time, because the add-on is now standalone, this prompted me to authorize, which looked like this:
At this point if you start recording, it shows the required authorization prompts, including the client ID in the window URL bar. I submitted this video for Google's OAuth verification and they accepted it, so it looks like this is the easiest way.
There is no documentation explaining how to show the installation process of an add-on that has not been accepted. If you want to eventually publish the add-on publicly, then the only solution is to first publish the add-on publicly as "unlisted." Then you can remove the "unlisted" status later.
Getting one add-on approved as private, and then trying to publish it again as public won't work. You can't change a GCP project from a private to a public listing, and the GCP project has it's own ID. The approval is directly linked to the GCP project. You'd need a totally different GCP project for the public listing, and need to go through the approval process all over again. So, that doesn't make any sense to try.
The OAuth client ID must be shown in the installation video. That ID is shown in the address bar of the authorization dialog box. You need to widen out the dialog box so that the entire ID can be shown in the address bar. That way the people who are reviewing your add-on installation video can see that the OAuth ID is related. Otherwise, you could just create any video for any project, and submit it for review. They need to see the OAuth Client ID.
You can publish and add-on as unlisted, and it will appear in the GSuite Marketplace even though it's unapproved. An unapproved add-on will stop allowing installations at 100 installations. But, no one will see your unlisted add-on, and you aren't going to get a 100 installations before you get your installation video done. (As long as you don't share the unlisted link with anyone)
The other problem, is that the unapproved add-on will show a warning message and make you click the "advanced" link to get the approval dialog. You don't need to show that in your video. If the screen recording app that you're using can edit the video, then you can edit that out. Or you could edit it out later after the add-on is approved. Google probably saves your video as proof that a certain GCP project asks for certain permissions. The video that you post publicly could probably be edited. They aren't going to require another approval unless you change a scope.
I've created a spreadsheet with some GAS behind it that opens a form with some inputs, and now I need to deploy the webapp and share it to some other users. The problem is that when the other users try to open the spreadsheet (shared in Google Drive), they get this error message:
I've already tried to:
Share the spreadsheet to the user/s (Adding the user/s email address with permission Can edit)
Deploy the webapp settings with the following settings:
As you can see, the setting screen reports "You need to authorize the script before distributing the URL".
How can I authorize the script? I can't find a way to do that. Do you know if there's another way to share and let other users run the script?
Since you selected to execute the app as you, you need to authorize this script first.
Just select method doGet and press run in the editor, you will get the chance to authorize.
The problem is you are mixing web app with ui dialog on a sheet.
The webapp is accesed from the webapp url (given when you publish the webapp).
The ui dialog is a window shown on top of the spreadsheet.
You want to use webapp, follow the tutorial for that. Publish it to be accesed from the domain if all users are in the same gapps domain. Else use public anonymous.
Run doGet before publish to authorize. Its also possible to do the other ui-on-sheet but you need more steps for each user to authorize.
You need to manually verify that your script has access to the document.
Add a function to your script that accesses the document:
function doInstall() {
var mysheet = SpreadsheetApp.openById('x4535khxxhidh...');
}
In script-editor select: Run->doInstall (Or what ever you call your function) when you should be asked to verify that the script is authorized to access the document.
The following worked for me:
Go to «Publish»
Click on «Deploy as web app»
Click on «Disable web app» (in case you have published it already)
Execute the Script clicking on «Run»
Authorize the Script and grant permissions with your account
Again, go to «Publish» and click on «Deploy as web app»
Add another «Project version» (in case you have published it already)
Change «Who has access to the app:» to «Anyone, even anonymous» as needed
I wrote a Google App Script to be executed in Chrome by an extension without user interaction.
How can I let the user authorize it from the extension's options page?
I assume the script is published to run as the user. If so just provide a link to the script from your options page with a parameter so you know it comes from there.
We build a service with google apps script (deployed as web app).
This service script uses a google api with UrlFetchApp and oAuthConfig. Our script and service is working without problems.
Problem:
If a new user wants to use our service, he starts the service url and the service opens. In this process he has to authorise everything the script function uses without the with urlfetch used api. So, if he starts the service again, he get the error message: "Authorization is required to perform that action".
The only way we found to authorise the urlfetch-api is that the user go into the scripteditor and start the function from the editor UI. If he do so, he can authorise this api. Afterwords he can start the service via url and everything is working well.
Do anybody know a better way to authorise the user without doing this in the editor?
There is an open issue since July 2011, issue 677 and a lot of people are waiting for that...
User can run script directly as url from browser and will get the standard authorisation dialogue at that point. You can make it a bit more user friendly by providing a link and a tailored response in html.