I'm using GSpread to download data from Google sheets and store them in a Postgres DB for different organisations.
Unfortunately one organisation has activated G Suite's strict sharing setting which makes it impossible for users to share documents outside their organisation.
This affects my ability to share Google sheets in this organisation with service accounts which are required for GSpread.
Note: I created the service account within the respective organisation and also already delegated domain-wide authority to the service account.
Any idea on how to share the Google sheet with the account?
Related
I built a Looker (Google Data Studio) report. The organization uses Outlook (Microsoft) for their emails (i.e. the domain is registered there, so for example, if the domain was underthesea then an email would be johnsmith#underthesea.com, and this is hosted by Outlook/Azure/Microsoft).
Is there a way to be able to access the report only via the organization's email? (I believe this is called SSO.)
The goal is that only those with active organizational emails would be able to see the report, which has sensitive organizational data in it.
I have researched this and have gotten nowhere. My question is whether this is possible at all since the emails are connected to Microsoft and the dashboard is in a Google application.
If it is possible - how?
I tried researching but it is not clear what is necessary to create the SSO if the organizational emails are not connected to Google.
How to do SSO with Google and Azure: https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/google-apps-tutorial
-Integration between Azure and Google SSO: https://learn.microsoft.com/en-us/answers/questions/21067/integration-between-azure-and-google-sso-and-user
-How to activate SSO from Google documentation: : https://cloud.google.com/architecture/identity/single-sign-on
Im designing a small interface in flutter where several groups of people manage a google spreadsheet.
Each group of users manage their own google spreadsheet
Each spreadsheet lives in a single drive (let's say my drive)
What is the best way to authorize people to manage those sheets? I've seen:
Using googleapi and google_sign_in (https://pub.dev/packages/googleapis)
Using google service accounts through gsheets library (https://pub.dev/packages/gsheets)
I was thinking of using method 2, where each group has access to a service account which reads/writes into an specific sheet. I would then require people to sign in on my app to make sure which service account they have access to.
I was wondering if there's a better practice on how to provide access to the users to edit sheets in my drive? I've been searching other options but haven't had any luck.
In Watson Studio, I can navigate to the Project Settings and add an associated service:
This appears to only let me add a service from the same IBM Cloud Organization and Space that the project belongs to.
Is it possible to add a service from another users IBM Cloud Organization and Space? If so, how? Note that I want to remain in my own IBM Cloud Organization and Space with the Watson Studio Project.
I was able to successfully add services from different spaces in my account:
I was also able to successfully add a service from another account by using the menu in the upper right corner:
This way my Watson project has services from multiple accounts.
If you wish to remain in one account (with your business partner scenario), you could set up a permissioned space or org in an account and use that. Or you could have two accounts, and set up the permissions so you have access to one space in the second account which has the service that you want to use.
For new feature request or idea, you can submit a request here:
https://ibmcloud.ideas.aha.io/
I'm not able to create any bluemix apps under my own organization. When I tried to check the users for checking out access it displays ibmmanager#us.ibm.com with Manager access and the only access available for my user (listed as account owner) is Auditor. Help me fix it.
This is a problem with your account roles in that organization. In this case you have to contact your account manager that can provide you more privileges or open a new ticket in order to retrieve more information.
In Google Apps, there is always a base/primary organization. But Google Apps can have subdomains and suborganizations both (or combination of those).
We want to be able to identify the currently logged-in user as being part of the overall organization, whether it be the primary org/domain or some subdomain or suborg. But when you get user info or license info, it returns the home domain of the currently logged in user as the ID for their organization. No ID is consistent across all subdomains or suborgs.
I've also tried listing all orgs using the organization apis, but that doesn't seem to work when trying to get the org info of the root org: https://developers.google.com/admin-sdk/directory/v1/guides/manage-org-units
Is there a way, given a particular Google Apps user, to determine what the primary organization is?
The only alternative we have is to treat every domain/subdomain in the Google Apps org as it's own independent org. This is less than ideal because now a Google Apps admin who manages all of their sub-orgs/subdomains in one place in Google will now have to manage a separate organization in our app for each domain in their overall org. This uses up extra resources in our system for creating these additional orgs, but more importantly creates a very confusing organization/user management model.
When you look at the Users resource for the two users, compare the customerId attribute. If they match, the two users are in the same Google Apps account. If they don't they're not.
Also, don't assume two logged in users are in the same Apps account. One could be an Apps account and one could be a consumer account even though they have the same SMTP domain.