I want to set the signature for all users on my Google Apps domain to their name and job title.
Through my research, I found that the only free way to do this is by using the Gmail API.
I managed to get a list of all users on the domain (with the required info, email address that I want to set the signature of, name, job title) simply by using the quick start guide at https://developers.google.com/admin-sdk/directory/v1/quickstart/js.
At the end of the listUsers function I added the loadGmailApi code.
Once the api is loaded, it runs a funtion called setSignatures.
function setSignatures() {
var request = gapi.client.gmail.users.settings.sendAs.update({
'userId': email,
'sendAsEmail': email,
'signature': '<strong style="color: rgb(230, 145, 56); font-family: arial, sans-serif; font-size: large;">' + name + '</strong>'
});
request.execute(function(resp) {
console.log(resp);
});
}
This works perfectly when the variable "email" is my own, but when it is anyone elses, I get the following error: 403 Delegation denied for 'myemail'. I am a super admin.
I now found out I need to use a service account.
I then completely followed this guide How to obtain Google service account access token javascript.
The one difference is that to authorise I use
gapi.auth.authorize({
instead of
gapi.analytics.auth.authorize({
As I don't need the analytics API. I hope that isn't causing problems. I need the directory and gmail API.
At the end of the code provided in the above link, I loadDirectoryApi() and run code to get all the user information again, as before. I can't even get to setting the signatures, because at this point, I get an error saying : 401 Login Required.
So if I use my own email to try this, I get a 403, and when I tried a service account, I got a 401. It says login required, how can I log in? I thought service accounts don't actually log in, but I use a JWT to make an access token.
I am authorising by
gapi.auth.authorize({
'serverAuth': {'access_token': token},
'scope': 'https://www.googleapis.com/auth/admin.directory.user',
'client_id': 'myClientID'
});
What am I doing wrong? Please help. I need to know how to "log in" or authenticate with a service account so that I can update signatures.
Even if you are super admin you cant change email signatures of other users by default using gmail api.
First you need to create a service account in google dev console and add domain wide delegation for that account.
After that you go to your google admin and add that service account with required scopes under API control.
Then you need to use those credentials inside of your python script.
Basically what it does is, it allows you to impersonate as other user and change email Signature. You don't need password as the service account has domain wide rights. The below link explains how to do that.
But the link describes it using PHP but still it will help you to create a domain wide delegation service account.
https://moometric.com/integrations/gsuite/use-gmail-api-update-signatures-gsuite-users-php/
Related
Recently Ive set a nodemailer with cloud functions to mail users about some specific actions in firebase.
In the mail options:
const mailOptions = {
from: `${APP_NAME} <noreply#firebase.com>`,
}
Unfortunately, it shows the address from which Ive sent the email. And this is actually my private google account I don't really want to let user be able to see it when he receives the email. It shows MyApp <myapp#gmail.com>.
Q1: Is there a way to hide it?
However, I would accept it if I would have some official gmail account, with professional name, like: offerSender#myApp.com.
Q2: Does Google provides some customizable email box for firebase users, so I can mail users from that specific box and use some nice custom name? (I dont want to use my private one)
Thank you!
When sending mail through gmail, you can't change the reply address from the one that's used to authenticate with the gmail server. If you want your mail to appear from some other account, use a mail service that gives you this option. You will likely have to pay some money for it.
I am trying to implement Facebook login SPA. I am using the JavaScript SDK for the login. Fb authorized the user and token is received. Token is send to the web API. When API try to fetch the data from the token only Facebook id and name return from the Facebook graph api. Even though I have set the scope for the different data in java script sdk. If i fetch the data using javascript sdk. In that case i am getting the complete data whatever in the scope.
I think your asking "why am I not getting all the data I requested?". If so the most common reason is because permissions aren't set. For instance if the user grants permission to "public_profile" then Facebook will authorize your app to obtain every field that that the "public_profile" permission permits, in this case the following:
id, name, first_name, last_name, age_range, link, gender, locale, picture, timezone, updated_time, verified
obtained via
FB.api('/me',
'GET',
{"fields":"id,name"}, //any of the other fields here
function(response) {
// Insert your code here
} );
however if added 'email' in as a field then the Facebook would return everything except the 'email' because there a permission specifically for granting access to the users email called email. You can see what permissions enable what data returns at https://developers.facebook.com/docs/facebook-login/permissions
and you can test it at https://developers.facebook.com/tools/explorer. I hope that's what you where trying to say in your question. Cheers!
I am developing a mobile web application which will access the Google Books API and allow the user to add books to their "favorites" book shelf. Its my first time using an API that requires the Google authorization.
I need to send an authorized request to modify private user data. I (think) I have have the proper access_token but I can't figure out how to get to it.
I am using the Google sign in button like so:
` <div class="g-signin2" data-onsuccess="onSignIn"></div> `
I also have this to identify my application to Google:
`<meta name="google-signin-client_id" content="12345.apps.googleusercontent.com"> `
I sign in with my own Google account and the Google button changes over to "Signed In." I am simply trying to log the access token from there:
` function onSignIn(googleUser) {
googly = gapi.auth2.getAuthInstance();
var id_token = googly.currentUser.get().getAuthResponse().access_token;
console.log(id_token);
} `
I've tried everything I can find in the documentation but no matter what I do, I get back that access_token is undefined.
My suspicion is that I don't actually have an access token, but I don't know how to test that.
What is the correct way to find the access_token? Once I have it, how do I send it to the API?
It's so late but if you pass true parameter to getAuthResponse "getAuthResponse(true)" it returns access_token.
Try using gapi.auth in the API Client Library instead of gapi.auth2 in the Identify Platform. You should find gapi.auth.getToken().access_token contains the access token you need.
That said, I believe this is a bug. If you alert(JSON.stringify(googleUser)) I suspect you'll find there is an access_token field buried in there, but getAuthResponse() doesn't contain it, even though the docs suggest there should be one.
If anyone can confirm I'm understanding this correctly and report it, that would be great.
If you include the response_type in the request header as 'token' it will return the access_token with the currentUser
So, I'm trying to integrate the Login and Pay with Amazon widget, and I'm encountering some problems.
So, I have my seller account all set up on
https://sellercentral.amazon.de/gp/
I have access to my API credentials, and I need to get a LWA client.
So, I have registered on
https://sellercentral.amazon.com/gp/homepage.htm
in order to create an application. I have set up the application, on web settings I have completed the required URL's, and got my client ID.
In the js for the Login and Pay with Amazon widget, I have replaced all the info needed: Client Id, merchant Id etc.
But when I try to make a test login, I receive the following error :
400 Bad Request Unknown client_id
The Pay With Amazon documentation is not very clear, and I can't seem to find anywhere a list with the error codes.
If anybody has an idea, let me know.
Thanks!
you should create your Login with Amazon application using https://sellercentral.amazon.de instead of the .com site. They are separate accounts.
It sounds like you're missing this piece of code:
window.onAmazonLoginReady = function() { amazon.Login.setClientId('CLIENT_ID'); }
This is driving me totally crazy. I've set up an FB app and retrieved an access token by visiting: https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=CLIENT_ID&client_secret=CLIENT_SECRET.
Now I want to grab a (publicly available) feed from this URL: https://graph.facebook.com/PAGE_OR_USER_ID/feed?access_token=ACCESS_TOKEN
It works fine when I try it with my own user ID or even when I try another random page but it DOESN'T work when I enter the PAGE_ID I need it to work with.
Here are some examples:
This works fine (a friend of mine's Facebook page):
https://graph.facebook.com/tatchit/feed?access_token=213451182120494|JgAwuCE74lh51t1pKMuRM2mz3GU&limit=10&offset=0
This also works fine (my own Facebook ID):
https://graph.facebook.com/al.dev.7/feed?access_token=213451182120494|JgAwuCE74lh51t1pKMuRM2mz3GU&limit=10&offset=0
This doesn't work (the client's Facebook page):
https://graph.facebook.com/142616539131188/feed?access_token=213451182120494|JgAwuCE74lh51t1pKMuRM2mz3GU&limit=10&offset=0
I don't get any errors but the result is empty.
If I try the Graph API Explorer it also works fine:
https://developers.facebook.com/tools/explorer/?method=GET&path=142616539131188%2Ffeed
But not if I enter my own access token. From what I understand the access tokens you get in the API Explorer are temporary so I don't want to use that.
How can this be?
Also. I've struggled to understand this whole access-token, client-id, app-id-business for ages now - is there a good tutorial where all this stuff is explained? I've never had this work without problems ever.
Thank you
You should be using user access token for all the above queries. App Access token is used when you want to do something like check the app insights so and so.
When the pages has age restrictions or something so, app token wont be able to get through, but since the user is already a member of the page, you can use the user access token to get the data.
Add : Quoting from the documentation,
Note that the **app access token** is for publishing purposes permitted by the publish_actions and publish_stream permissions. You will be **unable to retrieve information** about the status update post with the given ID using the app access token. Instead, you should use a **user access token** for such purposes.
Other Capabilities of an App Access Token
There is a limited set of information that can be retrieved from Facebook using an App Access Token.
Basic Profile Info of a User (ID, Name, Username, Gender)
A User’s Friends and their IDs
Permissions granted by the User to your App
Read : https://developers.facebook.com/docs/opengraph/using-app-tokens/
So you should be querying with the user_access token to access all the informations that you are looking for, not with an app access_token.
You are using an App Access token instead of a User Access token. Some of the pages you are viewing may have a country or age restriction set, so using an app token will not work.
See: http://developers.facebook.com/docs/concepts/login/access-tokens-and-types/