I'm using Google Apps Provisioning API with gdata-java-client to manage Google Apps domain. https://developers.google.com/google-apps/provisioning/
Since Provisioning API is deprecated now, I'm considering to migrate to new Google Apps Directory API with google-api-java-client. Looks like the most of functionalities of my software can be migrated, but I couldn't find how to set "emailPermission" of the group settings. https://developers.google.com/google-apps/provisioning/#creating_a_group
It sounds like Google Apps Groups Settings API would be it, but it has far more high-functioning than Provisioning API do and I don't think these are equivalent.
Is there any equivalent API for Directory API/Admin SDK?
With the Admin SDK Directory API, service-specific settings/attributes were left to service-specific APIs, thus the Group Settings API is the correct method to set group settings.
To get an idea of how the Group Settings map to the old provisioning API group permissions, try creating a group with the provisioning API for each of the permissions, then use the Group Settings API to GET that group's settings and you'll have a map of the settings each of the old permissions defaulted to.
Related
would like to try out the recently added G-Suite admin feature where one can whitelist third party OAuth apps using a test G-Suite account:
https://gsuiteupdates.googleblog.com/2017/07/manage-access-to-third-party-apps-with.html
In order to determine if an app should be added in the list or not, I would like to retrieve app ratings programatically. How can I retrieve ratings and installation count for a Google OAuth App programmatically?
Don't think doing this programatically is supported as of now. No mention of such in G Suite Marketplace docs. You can request a new feature here.
I work a lot with AppsScript within my workplace. I've built lots of custom OAuth2.0 flows within AppsScript, that allow the application to call Google's REST APIs, and I've also worked with enabling the 'built in' API interaction objects (GmailApp, CalendarApp, etc). If you enable any of the built in APIs, the script editor adds the relevant scopes to the project information, and then asks the user for permission to interact with these APIs, when the web app first loads.
If I need to interact with both REST APIs and the few built in API calling objects, the user needs to first grant permission to the built in API scopes, then has to follow a separate OAuth flow, for the REST APIs. This makes for a really ugly user experience.
Is there a way to add REST API scopes to the list of scopes within the project information, so that when the user first loads the app, it asks them to grant permission for ALL scopes that the project will need? I could then retrieve the users oauth token from the script session with ScriptApp.getOAuthToken(), and use that in all external REST API calls.
EDIT (~12:00:05 18/DEC/15):
Please note, I already know how to enable APIs through the Developer Console Project that's linked to the AppsScript project - I want to find a way to add ALL APIs that are enabled to the Scripts properties, so that when the user launches the app, it asks them to grant permission to access all enabled APIs on their behalf (even REST apis), so that I don't need a second manual OAuth flow / token for the REST APIs.
EDIT (~14:00:08 18/DEC/15):
I've also looked into the Import/Export functionality within Drive, documented here:
https://developers.google.com/apps-script/import-export
and can't find any way to alter the scopes (or supply any scopes) for the project, this way.
In apps script you can enable specific API if you go to the menu "Resources > Advanced Google Services". It will open a Popup with a list of API, but there you also have the option to go to the Developer Console with the project associated with your Apps Script project.
And from there you can get the necessary information (clientId, etc.) related to the same Apps Script project and use it in you OAuth flow.
If you already have a project with all the required configurations and all the necessary API already enabled, you can also link your current Apps Script project to that app, so you don't have to do the same again.
In the menu "Resources > Developer Console Project", a popup will open and there you will have the option to access the Developer Console, but also you will have the option to associate the current Apps Script project to any other app you already have.
Just keep in mind that when you are trying to use an API you will have to enable it in the "Advanced Google Services", both in the list that the popup shows as well as in the Developer Console.
After doing this, the access tokens will be related to the same app and the users will grant permissions only one time when enabling a new API.
I hope this helps.
We have tried to create an App that will be able to access only Reporting and Insights for a user via Marketing Insights API. I have noticed that the requirement for Basic access is listed as:
"Apps should create sufficient ads that pass ad review and do not contain bad creatives"
But my App is NOT intended to create ads. It is a data reporting App and without standard access I have to add each user into Ads API under Advertising Accounts section of the App Settings. I would like to use this app across FB accounts of my clients to only pull data related to the ads. Could you please help me understand how to accomplish this without having to create a separate Dev app for each client?
You could try to apply directly for the Standard Access tier. In that form you can explain your use case and then it will be processed.
I would advise to already make various valid requests from your Development Tier to show you have a correct implementation.
This is my working scenario: i have created and successfully published an App on the Google Apps Marketplace / Chrome Web Store. Let's say some users did install this App on their own domains and are using my App. When they installed this App on their domains they granted data access to the scopes I declared for my App, for example scopes A and B.
Now let's say we went on improving our App adding a new feature and we released it. This new feature requires us to add a scope C to the App configuration. So let's add scope C and save the new configuration.
For those users who have already installed the App, scope C is "new" and needs to be granted access, while A and B are already granted.
Now we need to find a way to notify users about the need to grant access to the newly added scope before going on using the App (otherwise end users may incur in some issues).
The question is: is there a way to programmatically detect for a specific domain installation of our App which scopes have already been granted access and which ones not?
Assuming you have an access token you can use oauth2.tokeninfo() to determine which scopes a given token is good for.
I'll be needing some help regarding the Facebook permissions. Actually, I have defined a permission set on my facebook developer account under permissions and setup an application as well. I would like my ios application to pull permissions (On Login) that are specified under my account. I know I can use iOS or FB SDK 3.5.1 in my application (which I am using) but I don't want to specify permissions set on device, Just want to save version submissions of my application on store, don't want to keep this on client side. I know how to achieve permissions etc on iOS device as well which I have been using since Facebook 2.0.
So, is there a way using which application should pull permissions from the application ID (developer account) instead of specifying the permission set on the client (iOS).
Many Thanks,
Reno Jones
I think you are trying to think in reverse direction but this is not possible to achieve.
Permissions are never attached to any app, we specify permission so we can use those explore more using that appID.
Means there is nothing as such permissions for appID, appID & permissions are both different thing.
For Eg: I have created an app to see my details on Facebook. In order to achieve it we are not required to configure my appId on facebook. So its only us(the developers) who know what user can do with Facebook using that FBID.
So we just ask permissions separatly.