I create a google docs using a specific account like the service account with
doc = service.documents().create(doc).execute();
I have to create a google docs for each user of a domain entreptise.tn using the service account name #entreprise.tn.
It's possible ?.
Could you please help me solving that ?.
Thanks a lot.
Related
I'm trying to set up a google service account for Google Calendar API to create and update events for my specific calendar.
I've set up my service account, got the credential keys and also enabled the domain wide delegation. For most of the part it does work, however I can not access my specific calendar (not able to share it with my service account).
When I paste the service account email to the share textbox in google calendar settings it does not show anything to add.
This is a really frustrating blocker, so if anyone has encountered this or has any insights it would be greatly appreciated :)
You do not need to explicitly share your calendar with the service account.
If you want to create an event with your service account for your calendar, you need to set up your service account in such a way that it impersonates you.
The official Google documentation gives examples of how to perform Perform G Suite Domain-Wide Delegation in different languages. It is also important to do so in Apps Script.
Important: In your Admin console you need to Manage API client access and give the service account the necessary scope
(https://www.googleapis.com/auth/calendar.events) to create events on
your behalf.
I created a new Service Account in Cloud Project, and want to restrict this account's permission to only use one specific Google API listed here.
Lets say my application using this service account should only be allowed to use "Google Analytics API". If possible, further limited to use subset of API requests (for ex. analytics.management.customMetrics.list, analytics.management.filters.insert etc.
I tried to create custom Role, but when I try to add necessary Permission, I don't see me desired permissions listed in that list... (attach screenshot)
How can I restrict this Service Account permissions to specific APIs?
Also,
does it make any difference creating new project in
https://console.developers.google.com/ or in
https://console.cloud.google.com/ ? I san see a project in both places
anyways...
In your case because you are using the Google Analytics API, there is an additional step where you need to add the Service Account to your Google Analytics account. If the Service Account is not added then it won't have access to the resources inside of Google Analytics.
See "1. Enable the API" in the following link:
https://developers.google.com/analytics/devguides/reporting/core/v4/quickstart/service-py
Add service account to the Google Analytics account
The newly created
service account will have an email address that looks similar to:
quickstart#PROJECT-ID.iam.gserviceaccount.com
Use this email address
to add a user to the Google analytics view you want to access via the
API. For this tutorial only Read & Analyze permissions are needed.
See the following for some guidance on managing users in Google Analytics
https://support.google.com/analytics/answer/1009702
I know that using the Google Cloud User Accounts API (https://developers.google.com/apis-explorer/#p/clouduseraccounts/beta/) it should be possible to enter a Project ID and obtain a list of user accounts associated with this.
Is there a GCP/Google API which does the opposite however and you can supply it with user (ID, email etc.) and it will list projects associated with this user?
I am not too familiar with GCP APIs so trial and error so far...
Thanks
The cloudresourcemanager.projects.list should be the API you're looking for: https://cloud.google.com/resource-manager/reference/rest/v1beta1/projects/list
API Explorer: https://developers.google.com/apis-explorer/#search/Resource/cloudresourcemanager/v1/cloudresourcemanager.projects.list
I'm trying to create a service account to use Google API's for gmail. However, I cannot find the client ID to provide domain wide access, as mentioned in https://developers.google.com/identity/protocols/OAuth2ServiceAccount .
There is a Service Account ID , but no client ID. Also, while creating a service account, it gives 2 default accounts - App engine and compute engine and there is no mention in documentation if I should be using that.
It also asks to give a service account name, unlike earlier where it used to generate the Service Account Name. Looks like documentation has not been updated to capture these changes.
Any help is appreciated.
i am creating an app using google apis.i need to access user's documents through google apis using google admin account.In past i can use google docs api like this
for example i am admin of domain iritesh.com and my email address is ritesh#iritesh.com.i logged in using admin account and can retrieve documents in google drive of rajat#iritesh.com using user_id = rajat#iritesh.com.
https://docs.google.com/feeds/"+user_id+"/private/full/folder:root/contents?v=3&alt=json
but now google docs api's are deprecated.can anyone please guideline How to acheive this using google apis now.
link reference : https://developers.google.com/google-apps/documents-list/#using_google_apps_administrative_access_to_impersonate_other_domain_users
With the new API's and OAuth 2 you can accomplish this functionality but for it you will have to use Service account with domain wide delegation.
Basically with the service account it would be possible to impersonate users in the domain and make API calls in user's behalf. For getting information about documents you will use the Drive API.
Here is the documentation on service account:
https://developers.google.com/accounts/docs/OAuth2ServiceAccount
And Drive API:
https://developers.google.com/drive/v2/reference/
hope this helps.