2

I have an app that consists of two parts

  1. an installed application (more specifically: a browser add-on) that runs on the user's machine, and
  2. a web app implemented as a stand-alone Google Apps Script app using HtmlService.

The two parts talk to each other and both access some Google APIs on behalf of the user via Oauth. To do this, I set up an API project in the Google API console. In the section "API Access", I created a client of type "Installed Application" for the browser add-on. For the Apps Script part, Google takes care of the authorization flow automatically.

My problem is that Google does not know that these two clients are part of the same project. Therefore, the user has to go through two authorization steps in a row when executing my app for the first time (first, the Oauth process for the browser add-on and then the automatically generated authorization process from Google Apps Script). This is very confusing to the user, especially, since the splitting between the browser add-on and the web app is rather an implementational detail about which the user shouldn't really have to bother.

Is there a way to unify the two authorization flows? I know that one can add several distinct clients to a single project in the Google API console. It seems to me like this feature is explicitly intended for scenarios similar to mine, where more than one application make up what is perceived as a single service by the user. Unfortunately, web apps that are implemented in Google Apps script don't seem to be compatible with the Google API console because of the way Apps Script generates the authorization flow automatically. Or am I missing an option in the API console or in the Apps Script editor?

robamler
  • 179
  • 1
  • 8
  • FYI: it is now possible to [bundle Apps Script add-ons with Google Apps Marketplace Apps](https://developers.google.com/apps-script/add-ons/domain-wide#bundling_with_an_existing_google_apps_marketplace_app). – Ryan Roth Apr 02 '15 at 19:33

1 Answers1

2

For future reference: I found out that Google automatically creates an API project in the Google API console for each Google Apps Script project. This seems to be a fairly recent feature. One difficulty for me was that these API projects don't show up when one goes to the API console, clicks on the name of whatever project is currently opened in the upper left corner and chooses "open". Apparently, the only way to reach the auto-generated API project is as follows:

  1. Go to drive.google.com and open the Google Apps Script project.
  2. Chose "Resources --> Use Google APIs...".
  3. In the popup, click the link to the Google API console.

In principle, this should allow to add additional clients to the project, as long as none of the other clients is also a Google Apps Script project. I haven't been able to test this since it still doesn't solve my specific problem: Sending e-mails from the user's Gmail account seems to be a feature unique to Google Apps Script and I couldn't find an Oauth2 scope for this operation. Therefore, I still cannot ask for all required permissions in a single authorization flow. But if anyone who's reading this has a similar problem with different Oauth2 scopes, the above instructions should fix it for you.

Anyway, I solved my problem in the meantime by no longer using Google Drive to upload files.

robamler
  • 179
  • 1
  • 8
  • Thank you! This is the first place I've found where this was mentioned... after combing through pages and pages of the Google documentation! – Glen Little Nov 04 '13 at 00:22