I would like to create a live visualization of all the mail communication happening within one "Google Apps" domain used in my organization.
Is there any API which I can use to get a live callbacks, or at least some API which I can pull periodically in order to get headers of all the emails sent within the organization?
Use the Email audit API:
http://code.google.com/googleapps/domain/audit/docs/1.0/audit_developers_guide_protocol.html
Please remember Email Audit API can be used only for lawful purposes in accordance with your Customer Agreement.
There is currently no other way to do what you need.
Related
The "Find and delete malicious emails" page in the Google Workspace Admin Help Center states:
Using the investigation tool, you can identify all users in your domain that have received the message (for example, a phishing email). You can then use the investigation tool to delete the email from your users' Gmail inboxes (note that log data might take up to a few minutes before being available in the investigation tool).
From this, I understand that, assuming you have the right package, it is possible to use the investigation tool to delete the unwanted email from your users' Gmail inboxes.
Can I delete emails from my users' Gmail inboxes via Google App Script using the API? If so, how can I do that?
Currently it is not possible with the Investigation tool
But there is already an existing feature request for exposing the Google Workspace Investigation Tool programmatically.
I recommend you to "star" it to show Google that more people are interested in this feature - hopefully this will accelerate the implementation.
UPDATE:
In th meantime you can use a workaround, e.g. using a service account with domain-wide delegation as suggested by #TheAddonDepot
It is possible via DwDg(domain-wide delegation)
You have to create a service account and delegate domain-wide authority to that service account with the appropriate scopes. There are no explicit instructions for the Gmail API but you can use this guide from the Admin Directory API documentation.
You then use the service account credentials with the GAS OAuth2 Library to make calls on behalf of your existing users to the Gmail API. Note that you can't use the built-in or advanced services for Gmail, you'll have to call out to the Gmail REST API directly via UrlFetchApp.
I was wondering if there is a way to automatically (or on a trigger) delete emails from a Google Group.
I use a Collaborative Inbox Group for archiving automated emails.
I looked at the Google Apps Script overview for Google Groups, but I don't see anything. It only seems like you can do this from GmailApp...
I also read this thread from 2012 but nothing helpful there
Answer:
Programmatically this isn't possible.
More Information:
The GroupsApp class of Apps Script only has read methods available for use - there is not a way of executing any write data using the class - for example deletion of emails.
Emails are sent to everyone in the group when a post is made (as per subscription settings). If you want the Email to be deleted then as you have already pointed out, you will need to use GmailApp to delete it from the recipients' inboxes.
In short: All mailbox manipulation must be done using the Gmail API (or GmailApp).
Feature Request:
You can however let Google know that this is a feature that is important for access to their APIs, and that you would like to request they implement it.
Google's Issue Tracker is a place for developers to report issues and make feature requests for their development services, I'd urge you to make a feature request there. The best component to file this under would be the Admin SDK component, with the Feature Request template.
GmailApp.search is great for pulling emails but what if I want to access a specific Gmail account logged in or not logged in is this possible with GmailApp or maybe some other method I am unaware of? Or am I forced to use the email address the user is logged in?
Due to security and privacy concerns, GmailApp service as well as the rest of the services provided by Google Apps Script and Google REST APIs can only access the logged-in user's data. In order to access another user's data, he/she will have to manually log in using the oAuth2 flow. As an option, you may create a WebApp that the end-user would connect to and manually authorize your application to be run using his/her data.
I want to use Google Apps Script to send a message from Google Sheets to Microsoft Teams.
I know it is possible to send an e-mail to a channel, but I have no idea how to send a message.
To send a message to a Microsoft Team channel you need to know its email address, you can get it in the channel itself with More Options (⋯) 🠺 Get Email Address. Later, to send the message from Apps Script, you will need to use the .sendmail() method of the MailApp service. You can find the full options of the method and some examples in that documentation link. Also, keep in mind Microsoft Team channel limits (at the bottom of the page) to be sure about the message being delivered. Please, ask for more clarification if you need further help.
#Pierre W Please try using Connectors to send a message inside Microsoft Teams. However, connectors are built on Teams scope so you can send a message inside a team but not in 1:1 chat.
Questions regarding billing for Google API's or more specifically the places and maps Google API's.
We have an app which is part of a SAAS package. When clients use our Software we have maps and place's API built it, however we want to offset the cost of the bill using these API's to that particular client using the software.
Currently we have a single Google Project we created and enabled the API's on our own google account however this means we will foot the bill as its using our token.
Can clients somehow connect to our google project etc or do we simply need them to create their own google project and pass that token through? Is there a streamlined approach that covers this...
When we did for our multi tenant application we did create only one google project and billing was getting accumulated into a single account. We looked at what you're talked about but since google does not allow to bill separately without having separate google project. Google API billing works on google project id. We decided to bill our clients separately and handled all calls to Places API on a single google project.
Long story short - it was not easy to have our clients connect to our project without having them create their own google project we ended up with one google api project.
edit: also missed another important point - Google My Business API needed whitelisting for each project id so it was another reason to keep it as a single project
Passing the token to the application is a probably very bad idea and will result in a security risk for your client and their token if it is intercepted.
As a developer for the client they should create a token on their account and then they will be charged. They can then give it to you as the developer for use. This is however a gray area as technically you are not allowed to share your tokens with anyone TOC However i believe that client and developer relationship should be secure enough for sharing the token.
Ideally you should give the client the code they can then use their own token and run the application themselves.