I want to make a google spreadsheet available to a remote user. This user wants to use API requests to access the spreadsheet. What is the best way to implement?
Using Web app or using Execution API?
If the spreadsheet is not protected, you can easily access it using Spreadsheet's openById.
var ss = SpreadsheetApp.openById("abc1234567");
Logger.log(ss.getName());
Related
I am creating a connection between a clients Shopify store and an order management system called Extenda NYCE. For this I have created a custom app and given it all necessary accesses via the Admin API congifurator.
When I've configured the app and installed it in Shopify backend I use the API keys to get access to it via the order management system, but I get an error. Due to poor UX I can't see the whole error message but basically what I am doing is I try to make an article import by using the API keys.
Now I've tried to find a solution to this by reading about using API keys and I seem always to end up in information regarding access tokens and the need of implementing access to these so that the third-party system can get access to the API.
I'm totally lost so I figured why not look it up with StackOverflow. Have you had similar experiences? To me it just seems way too advanced if I need to write scripts to generate access tokens so that the API can have access to the shop data. Isn't the API interface developed NOT to have the need of writing code in Shopify?
I need to access some data from a private Google Sheets document that only my google account has access to – it is not shared with anyone else.
From here: https://developers.google.com/sheets/guides/authorizing
When your application requests private data, the request must be
authorized by an authenticated user who has access to that data.
Again, that user would be me – the application developer. The users of my application will not have these sheets shared with them.
From what I’m reading in the Google API docs, I’m not sure this is possible – but it seems to me like it should be. I am using nodeJs.
Can anyone help me out?
You'll want to use Google's OAuth flow (here) in order to get access to private sheets. If only you need to be able to access the sheet then you can keep the OAuth as only tied to yourself and make requests to the endpoint in your app.
Example Implementation
View in Fusebit
// Create a sheet object for the client + auth
const sheets = google.sheets({
version: 'v4',
auth
})
// Pull the data from our spreadsheet
const data = (await sheets.spreadsheets.values.get({
// See: https://docs.google.com/spreadsheets/d/1BxiMVs0XRA5nFMdKvBdBZjgmUUqptlbs74OgvE2upms/edit
spreadsheetId: '1BxiMVs0XRA5nFMdKvBdBZjgmUUqptlbs74OgvE2upms', // ID of the spreadsheet
range: 'Class Data!A2:E', // This gets all of the data in the sheet that we care about
})).data;
// Your rows/columns go into "data.values"
const rows = data.values;
});
Service account with domain-wide delegation:
The only way to avoid user interaction when accessing user private data is to use a service account with domain-wide delegation to impersonate your regular account.
That requires being a domain admin, though, so I'm not sure this option is available to you.
Sharing the spreadsheet with a service account:
Another option would be to share the spreadsheet with the service account, so you can access it using that account. Service accounts are not linked to a specific user, and so follow a different OAuth flow which doesn't require user interaction. See reference below.
Otherwise:
If you are not a domain admin and you don't want to share the spreadsheet with a service account, you are left with the web server workflow, which requires user interaction: you just cannot bypass this interaction.
I'd suggest you to read the references linked below.
Reference:
Using OAuth 2.0 for Web Server Applications
Using OAuth 2.0 for Server to Server Applications
I have a VB.NET web form website that I up until now have been using an SQL server with user data used to let the users login. I now want to use Google sign-in instead. I cannot find any good example that works. Anyone know any good examples?
I have created an app and some REST API on Google Appengine and deployed it to
www.my-appspot-id.appspot.com
I'm using Google Datastore to store my data and have created API's to access that data.
However, i can access my API directly also using
www.my-appspot-id.appspot.com/_ah/api/explorer
which means anyone can access them and can manipulate the data which i don't want.
How to restrict access so that nobody but some particular registered set of users can only use it?
I stumbled upon this tutorial recently, might be of some help.
I think you need to authenticate your endpoints and authorize only some client id.
OAuth 2 authentication : https://developers.google.com/appengine/docs/python/endpoints/getstarted/backend/auth
Allowed client ids and audience : https://developers.google.com/appengine/docs/python/endpoints/create_api#allowed_client_ids_and_audiences
To answer your question : you can't.
Google Cloud Endpoints is based on the explorer api: everybody will be able to navigate into your API, and see the differents methods available.
BUT if you add an authentication to your methods, the visitor will not be able to execute them.
I am trying to do an app that requires google spreadsheet API, however it looks like I can't enable it from the console. Therefore, I can't ask for the permissions to the documents.
I know that it is possible, because I found this playground: https://developers.google.com/oauthplayground which asks for permissions for Spreadsheet API, but I just don't know how they did it.
Can someone help me, please?
You need to use OAuth2 with the https://spreadsheets.google.com/feeds permission scope. If you would like to create new spreadsheet file in the user's Drive, then you also need the https://www.googleapis.com/auth/drive scope.
See this for more on the Spreadsheet API and this for Drive.