0

I am making a very simple marketplace app using the new SDK (Oauth 2.0). One of the steps would be to automatically invite team members for a closed group so I would need access to team members (users in same domain) from the user that is starting the process going through the default "navigator icon in google navigation menu".

This is working fine, however it is only working for administrators (tried with both Directory API and Profiles data API).Is there a way to simply "read" the email from users without needing to have administrator rights? It seems quite an overkill to ask a user to be administrator just for the purpose of being able to invite his team members.

These email addresses are in the user contact list for example, when writing an email they are automatically there so it shoulnt be much of permission problem I guess. can anyone help a bit on how I can accomplish this? Maybe a different API that I have not found?

Very much appreciated, Best regards, Joao Garin

Joao Garin
  • 573
  • 1
  • 5
  • 16

1 Answers1

1

You can use "Service Accounts" to access the Directory API on behalf of the Administrator when any user accesses the App.

The Drive API has a really good set of samples here - https://developers.google.com/drive/delegation

This same technique will work with Admin SDK. The end result is the auth is not made on behalf of the user at the keyboard but as an authorized Service Account. This Service Account is authorized by the admin at the time of install.

Arun Nagarajan
  • 5,547
  • 1
  • 22
  • 19