I want to create a web app using Apps Script. Who gets charged for the quotas? The user installing the app or the developer?
Also, is it possible to pay for increased quotas?
Whose quotas get used depends on how you deploy the app. When deploying you pick an option for "Execute the app as". The following is from the documentation:
Execute the app as: Do you want the web app to execute as you (the
owner of the script) or as the active user who is accessing the web
app?
Related
I have an app script linked to a spreadsheet that has a few functions to automate some processes for users. I recently updated the project to be linked to a standard GCP project I created so I could create OAuth credentials for an unrelated process in this script. However, now when users go to run the functions, they get a 403. Is there a place in the GCP console where I can give them access? I am not using any OAuth credentials for these functions. Just the standard app script interactions with the Google Sheet.
I think when you move to GCP you are required to use OAuth and they have to enter their credentials again. Found in the docs.
You have to configure the OAuth Consent Screen as is explained in the official docs about link a Google Apps Script project to a standard Google Cloud Project --> https://developers.google.com/apps-script/guides/cloud-platform-projects
This hadn't been an issue for months, but the past few weeks this is happening.
When I publish the Web App I indicate:
Execute App as me
Anyone in ha access
When anyone, logged into our google domain attempts to "execute" the Web app they get the "Google Drive / You need permission" screen (Unless they have, or I give them, "Edit Access" to the Web App Script.
Thanks for any insight here
Google recently stepped up the security of App-script to help prevent phishing. Don't know if this helps.
Authorisation of Google services
OAuth Client Verification
Web app permissions
I have followed all the steps here: https://developers.google.com/apps-script/add-ons/domain-wide
And then went through them a million times already.
I can install and use it if I click Test Installation Flow from under Google Apps Marketplace SDK Configuration.
When publishing, the check box for Publish in Google Apps Marketplace is always checked.
Still, when I log in as a domain administrator and go to Marketplace Apps - Add App, I can't find my app in the list.
If you're from Google support, here's the link to my app, maybe you can check something in the backend: https://chrome.google.com/webstore/detail/enabler4sheets/inpioilbljppoobbblcpbpjplkefmkep
Based from the Google Apps Script documentation, The add-on’s name must be the same as the name of the Apps Script project. The checkbox next to Publish in Google Apps Marketplace should be checked only if you are publishing the add-on for domain-wide install and you are not bundling the add-on with an existing Google Apps Marketplace app. See the style guide for more information on the other fields. Select the most recent version of your code and click Create web store draft. This will open a new page for you to configure the add-on for inclusion in the Chrome Web Store.
What I can suggest is to repeat the process based from the document. Please check the Complete application ad publish your add-on: https://developers.google.com/apps-script/add-ons/publish#complete_application_and_publish_your_add-on
I am developing an application using Google Apps Script and using some Advanced Services such as Admin SDK (Directory API) and Reseller API.
It seems like these API's are being called by my WebApp under context of user who is accessing my WebApp (it's deployed with 'Execute the app as 'User accessing the webapp').
Ideally, I would like these API's calls to be authenticated with some Service Account under my project (in Dev Console). Is it possible? How?
When your scripts are ran as 'User accessing the webapp' it runs off the users data against your quota. If you want to run it against your data you need to change the settings to execute the app as "me".
If you need to do a mixed authentication model where the app needs to access the data of two different accounts, you have some options. Either way one account gets to access the built in Apps Script services and the other will use the REST interfaces to the APIs to access their data.
You can run the app as "me" then manage your own Oauth for the user. This can be done with an OAuth Library such as:
https://github.com/googlesamples/apps-script-oauth2
Or you can run the app as the user and use a service account for your server. Here is a library I put together for using service accounts in Apps Script:
https://github.com/Spencer-Easton/Apps-Script-GSApp-Library
Is there a way to restrict access to an application built on Google App Script using LDAP? Can Google App Script access LDAP?
There are a couple of ways to look at this problem.
Apps Script cannot directly access your LDAP system. Apps Script has ability make HTTP calls to REST/SOAP services, make JDBC calls to external databases but it doesn't have built in support for the LDAP directory.
However, if you are using Apps Script w/in a Google Apps domain then you can tie in Google user accounts to LDAP using Google Apps Directory Sync. Once this is setup, you can deploy your Apps Script to only allow people w/in your domain and Google will make them login before they can access the Apps Script.
Hope this helps.