I have created an app in the Google Apps Marketplace SDK and now I have the "Test Install Flow" button, which is fine,. however, when I click it, a popup for business account signup appears and asks me to set up a real Google business account. How can I simply test it with the same developer account I have?
Had the same issue. It occurs when you first log in to Google with a non-Google Apps account (like a free Gmail account), after which Google Apps accounts are added (i.e. are logged in).
As Ben Clifford suggests in comments, one needs to be signed in first with a Google Apps account (after logging out completely). As a best practice, use Google Apps accounts in one web browser, and free Gmail account(s) in a different browser - to avoid further issues.
You have to test it with a Google Apps account. Apparently yours is not one of those, so they're asking you to sign up. If you have a different Google account that has Google Apps already, you can add that account to the project in Permissions -> Add Member, and then use "Test Install Flow" while logged in as that other account.
Related
I published an app in Gsuite Marketplace, I would like to know if I can get any record of the installations performed, maybe some user data (like emails or at least the domain).
I've searched in the web and browsed the admin console but I can't find the way.
I found the answer in the marketplace faq, and there's not a direct way through the admin console, but instead all details can be obtained from the Licensing API.
Source: G Suite Marketplace FAQ
I am just getting started with the google classroom api. I signed up for the developer test accounts and have 1 teacher account and 2 student accounts. I created a couple of classes and enrolled the 2 students in the classes. I want to use the api either via .NEt or Javascript. The prerequisuites state that I need a Google Apps for EDU account with Google Classroom enabled. How do I get this? Also, I assume without having the Google Apps for EDU account I cannot perform the first step:
"a) Use this wizard to create or select a project in the Google Developers Console and automatically turn on the API. Click Continue, then Go to credentials."
When I perform this step when logged in under the teacher account I get an error:
Error
"Developers Console has not been activated for your account. Your account may be suspended or disabled. If you are a Google Apps user, ask your domain administrator to enable Apphosting Admin on your account."
To obtain a Google Apps for Education account, you have to register your domain (or buy one), and fill up this form.
When filling the form, you will get information about the requirements needed to get the account.
To create a project in the Developer Console, you can do it even from your gmail account. After you created the project, you can enable the Classroom API so you application can access it.
When you run the code, you will have to login with a valid account (teacher or student). If you try to access the API with an invalid account you will get an error.
You can also use the Classroom API methods in the documentation. For example the resource curses.list has a "try it" section, where you can try the API before creating any project. There you can see how it works.
I am trying to use the Google Play Developer API to automate APK submissions via a Service Account.
The question is, how do I give my project (and my service account) OUTSIDE of this play account, API access to manage apps?
Use case and example:
Each of my clients have their own Google Play account where their app(s) live. Apps used to be all in one big account, but for many reasons (Google pushing to separate being the highest) they are now broken up.
Lets say there are 2 google play accounts, A and B. Traditionally, each of these accounts grant my physical email user (me#gmail.com) "Release manager" access to each of their accounts. My email/user is OUTSIDE of account A and B. This works fine.
I now want to automate this process. I go to the developer API console for me#gmail.com, enable "Google Play Android Developer API" and create an oAuth2 service account (gives it an email of blah#developer.gserviceaccount.com). I then tell clients to go into accounts (A and B) and tell them to give blah#developer.gserviceaccount.com "Release manager" access.
I make an API call and get
The project id used to call the Google Play Developer API has not been linked in the Google Play Developer Console
API calls do work if I go into account A and account B under Google Play Developer Console > Settings > API access, and make Services accounts for each. It makes an entry in "User accounts & Rights" for this service user's email, then links a SINGLE project ID that MUST be owned by the Google play account.
Questions:
How do I add a service account that is NOT defined in Settings > API access?
Why is there only ability to link 1 project?
You can give outside email addresses full perms, but you can NOT give an outside service account email API access? The current design is not any more secure. In fact, it seems to go against most of the benefit of the API, and against the grain of account isolation that Google has been pushing.
We migrating our app from the old Marketplace to the new one. And we faced with the problem like described here - Google Apps Marketplace app installation callback
But we have special app architecture, it allows to the same user authorize multiple domains. For example we have user(authorized with google +) admin#tester1.com and he needs to install app for following domains:
tester1.com where admin account is admin#tester1.com
tester2.com where admin account is admin#tester2.com
For tester1.com we can use licensing API and check if app is installed and who installed it. We already have authorized account admin#tester1.com and the same user installed app.
No issues for this scenario.
Next user needs to install app for tester2.com. In process of installation(at the marketplace side) user switching to new account admin#tester2.com and installing app.
When user backs to us, we using licensing API again and check if app is installed and who installed it. At this step app will be installed, but it will be installed by user admin#tester2.com which is currently not connected to our app.
For this scenario, how we can securely recognize that domain tester2.com should be linked to user admin#tester1.com? Any recommendations/advices?
Currently we see only one way - require user to authorize admin account for each domain that he wants to install with our app.
This appears to be a special case, and Google don't have any guidelines around how to handle it. Deciding how to charge for and provision your application is left up to the developer.
We are integrating our app in the new Google Marketplace.
Our marketplace config in the developer console is ok.
Our oauth2/sso flow is ok (scopes match the ones setup in the console, auth params ok)
All users, when accessing our application through the Navigation bar, don't see any consent screen. All is perfect … except the following :
when an admin user is installing our application for his domain for the first time, he is presented with the domain consent screen displaying the scopes defined in our marketplace config, which is fine, he accepts and is presented with a button "Launch app". This link hit our server and a redirection is made to google auth in order to get the email and profile of that user. The redirection happens quickly that the admin is presented with yet another consent screen displaying the exact same scopes … which is bad.
If we wait 10 - 20 seconds before clicking the 'Launch app' button and after having accepted the scopes for the domain, the redirection to google auth is done and no consent screen is presented to the admin.
Are we missing something? Some sort of pooling technique with callback? "Sleeping"?
The same happens with other apps available on Google Apps Marketplace.
I installed several apps from Marketplace (Mavenlink, Lucidchart, etc), and they showed exactly the same result. I was prompted with consent screen immediately after installing them. A bit later, and I was let in without prompting.
It seems that the information on the installed app is not immediately propagated through Google system. There is a short delay between the time the administrator installs an app to his domain, and the time that app becomes available on his domain.
Most users wouldn't mind to wait a minute after the installation. Unfortunately, a reviewer at Google is not that forgiving. If he is quick enough to start your app immediately after the installation, your app will be caught asking for consent, for which it will be rejected from Marketplace. Too bad.