Creating a group with Admin SDK Directory API in Google Apps Script doesn't work "On form submit"

Question

I've read through all of the relevant pages in the Admin ADK Directory API documentation and several questions on stackoverflow, and I'm still stuck.

I am the super admin of my Google Apps domain, and I want users in my domain to be able to create their own Google Groups. I made a Google Form where the user specifies the name and email of the group. Then the Google Form Responses sheet has an "On form submit" trigger that invokes my code to create the group.

This code works when I run createGroupTest() from the Script Editor. It creates the group in my Google apps domain immediately.

This code does not work when the "On form submit" trigger runs the onFormSubmit(e) function. I get the email from the catch(e) saying Exception: Failed to authenticate for service: Groups.

Does anyone know what is causing the oauth authentication to work from within the Script Editor but not when invoked by the onFormSubmit function?

function onFormSubmitTest() {
 
  var t = new Date();
  t = t.getTime();
  
  onFormSubmit([t, "AAA Test Group " + t], ["aaa.testgroup." + t + "@mydomain.com"], ["me@mydomain.com"]);
  
}

var consumerKey = "mydomain.com";
var consumerSecret = "xxxxxxxxxxxxxxxxxxxxxxxx";
var domainName = "mydomain.com";

function onFormSubmit(e) {
  
  var timestamp  = e.values[0];
  var groupName  = e.values[1];
  var groupEmail = e.values[2];
  var owner      = e.values[3];
  
  owner = owner.split("@")[0];
  
  var description = 'test';
  
  var requestBody = {email: groupEmail, name: groupName, description: description};
             
  var scope = "https://www.googleapis.com/auth/admin.directory.group";
  
  var fetchArgs                = googleOAuth_("Groups", scope);
  fetchArgs.method             = "POST";
  fetchArgs.contentType        = "application/json";
  fetchArgs.payload            = JSON.stringify(requestBody);
  fetchArgs.muteHttpExceptions = true;
   
  var url = 'https://www.googleapis.com/admin/directory/v1/groups?key=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
  
  UrlFetchApp.fetch(url, fetchArgs);

}
 

function googleOAuth_(name,scope) {
  var oAuthConfig = UrlFetchApp.addOAuthService(name)
  oAuthConfig.setRequestTokenUrl("https://www.google.com/accounts/OAuthGetRequestToken?scope="+scope);
  oAuthConfig.setAuthorizationUrl("https://www.google.com/accounts/OAuthAuthorizeToken");
  oAuthConfig.setAccessTokenUrl("https://www.google.com/accounts/OAuthGetAccessToken");
  oAuthConfig.setConsumerKey(consumerKey);
  oAuthConfig.setConsumerSecret(consumerSecret);
  return {oAuthServiceName:name, oAuthUseToken:'always'};
}

Is this code still valid? Does this require just a key in the developer console or does it require oauth2? Could you give some instructions on this? — Riccardo, Jan 28 '21 at 10:28
@Riccardo Yes, this is still valid in 2021 and is still being used in my code. It uses the [OAuth2 for Apps Script](https://github.com/googleworkspace/apps-script-oauth2) library, which is actively maintained by the Google Apps Script Team. `googleOAuth_` was taken from that library but you just need to add the library, you don't need to add the function to your own code. — Employee, Jan 28 '21 at 15:43

Employee · Accepted Answer · 2022-05-13T05:02:41.910

5

I figured it out: I had failed to include the domain extension in the groupEmail string (because my Google Form only asks the user to fill in the group email name without the domain extension).

edited May 13 '22 at 05:02

answered Jun 30 '14 at 12:27

Employee

2,231
3
33
60

Creating a group with Admin SDK Directory API in Google Apps Script doesn't work "On form submit"

1 Answers1