Getting domain user list in marketplace - google-apps-marketplace

After clicking Add it now button we need to display the domain users. How to display the user list in Java
Thanks

This is what you are looking for :
https://developers.google.com/google-apps/profiles/
The Profiles Data API allows client applications to retrieve and
update profile information for users in a Google Apps domain. Each
user profile is stored in the owning user's Google Account, but it can
be modified only by an administrator of the user's domain.

Related

Can I use single Google API credential for multiple deployed microservices for same user on different instances?

Application1 -> Microservice1 (deployed on one server, also db is separate)
Application2 -> Microservice2 (deployed on other server, also db is separate)
NOTE : For Microservice1 and Microservice2 we are use same Google API credentials.
We have a one application in that we are providing user to edit it's word, ppt, excel files with Online editor.
So, we have configure Microservice which used GSuite API for user to edit there file with google online word editor.
Now, we have a scenario like when one user open file from Application1 then our application will redirect user to google login screen and once user enter it's credentials then google will check whether third-party application already registered with login user account or not, and if not then google will give consent screen to register third-party app with current user.
Once user allow third-party app then google will redirect user to our Microservice1
once callback came to our Microservice then we will store user's refresh-token to our db and user can able to edit document online.
Now, user open file from Application2 and it will redirect user to google login screen and once user enter it's same credentials which he used in above then google will check whether third-party application already registered with login user account or not, this time google found that third-party application already registered with them, and google will redirect user to Microservice2, but this time google doesn't give refresh-token and in our db also refresh-token entry not there, so we will not able to open the file in online editor.
So, is there any way to handle these kind of scenario with only single Google API Credential?
Or we need separate account which give us different Google API Credentials?
Like :
Microservice1 (One Google Account with Google API Credential)
Microservice2 (Another Google Account with Google API Credential)
Any kind of help appreciated.
Thanks in advance...
you need to create a service account, possibly with G Suite Domain-Wide Delegation of Authority.

Login With Google Access Control Using GSuite Groups

We are trying to implement a "Login With Google" feature for an internal admin dashboard web app connected to our GSuite account. We want to limit login to this dashboard in two ways.
Only members of our GSuite domain can login to the dashboard
Only users in our domain belonging to a specific group within our domain can login to the dashboard
So far we have been able to accomplish number 1 above but not 2. Using a query param to the oauth2 API we can limit the domain. What we have in mind to accomplish number 2 is after the user within our domain is logged in, get their group information and validate that they are in the proper internal group or log them out. The issue with this is it seems only GSuite admin accounts are allowed to make API calls to the Directory API for this information. Is there no way to get the group information for a user with their own access token or using a service account? Ideally we don't want to have to provide a specific admin user within our GSuite account's personal credentials in our application to get this working. Is there a better way to proceed?
Thank you in advance for any help!

Google play api access oauth

I'm making an application to read and respond to the reviews of google play account for my applications. When I enter my google play account, settings > api access, the following message appears to me: "Only the account owner can configure API access. Please contact him to update the API settings."
Is it possible that the owner of the account that has published the application gives me permissions to generate the token only to read the reviews? Or only the owner can generate a global token to read the reviews?.
Regards!
As you've said, API can only be configured by the owner of Google Play Developer account. As an account owner, you can add users to your Play Console account and manage permissions across all apps or for specific apps. From this page:
Sign in to your Play Console.
Click Settings Settings > User accounts & rights.
To add a new user, select Invite new user and follow the on-screen instructions.
To update permissions for an existing user, hover over their email address and select the pencil icon Pencil icon.
Use the "Role" drop-down to choose a pre-defined role or use the checkboxes for individual permissions.
Choose whether each permission applies to all apps in your developer account ("Global") or specific apps.
To add an app to the permissions table, use the "Add an app" drop-down Drop-down arrow.
To see details for each permission, review the permission definitions
table.
Click Send Invitation.
You can only generate a token once you're added as an owner.
Additional reference:
How to give access to Google Play Developer Console Game services page to other accounts?

add calendar to another user's calendar list

Not sure if this is possible or if anyone has managed to do this. I have user with super admin access, with which I can create a new user for my domain. However I also want to add a couple of calenders to the created user's calendar list. When I create a user I authenticate using my super admin, but then I can't add a calendar to the user's calendar list since I am not logged in as the user. Is it possible to do this as the super admin, or do I have to logout and authenticate as the created user in order to add calendars to their list? This is the base url to which the post request is made:
https://www.googleapis.com/calendar/v3/users/me/calendarList
in the place of me could I pass in the id of the user? I couldn't find any parameter in the documentation with which I can specify the user to whose list I want to add a calender.
Thanks
Two options:
Each user much login to google calendar and share thier calendar to a single user. You can then use this account to update their calendars. Note that google has limitations to how many calendars and request you are allowed before the account goes to read-only mode.
Buy a google apps domain (5$per user per month) and create a service account at console.developers.google.com. Create a project and give it domain wide delgation at admin.google.com. In Apps engine you should be able to give access for admin to modify all users calendars.
No matter what case you choose, you also need to enable CalendarAPI at dev console site. Now with private key created from website request OAuth2 access token, where sub field is set for the users that you want to change calendar for. With returned access token use CalendarAPI to modify calendar.
Sry for bad english and short description, i'm in a hurry. /conner ;)

Windows store app certification failed - New user sign up for services missing

Our windows store application is especially for our customers.
It requires user credential to login.
It doesn't have any sign up page.
New users cannot access our application(They should be our customer.)
For new users, Admin will create an account and share them to the
user.
At the first time, user is requested to change password.
This is how our customer access our application
We submitted our free business app to the windows store.
But it is rejected with the reason saying "Apps that require users to sign in must either specify upfront in app description the type of access user must have and how to get it or provide a mechanism for new users to sign up for services from within the app. At a minimum this could be a link in the app to the website where the user can create a new account and sign up for services. Your app did not appear to provide this information to the user."
We do not have such a page. How can we proceed for resubmission?
Whether we need to provide description like "Our application can be accessible to our customers only"
or
provide support email address and saying like "Contact our support team/admin to create new account"
or
any suggestions?
Simply show a description which tells user that this app is only for registered customers. For more details you can write us to your email id or can fully describe the log in process there on the first page.
The description says it all. Include exactly what you have said in the application's description update. In addition include this information on the main page of your application for extra safety.
Note how DropBox has done it. When you install the app your very first screen has the login boxes and a link to "or Create an Account" which then brings you to a webpage to create the account.
You could link this to a page on your site that allows a user to contact your org for an account or register for one to then be approved, etc

Resources