I know how to use Google Drive API to watch user's activity with files. For that I create 'changes' objects with that url: drive/v3/changes/watch.
But how to deal with Google Workspaces API? As an admin, I want to watch for all users' drives activities (adding new files, changing them). I'm as an admin, can get a list of users. And how I can watch all drives of all users in the Workspace?
Use Google Workspace Admin SDK > Reports API
Specifically Method: activities.list on this API which allows you to retrieve all user activities given certain parameters, i.e.
Try API
https://developers.google.com/admin-sdk/reports/reference/rest/v1/activities/list?apix_params={"userKey":"all", "applicationName":"drive", "eventName":"edit", "startTime":"2021-02-22T10:26:35.000Z"}
Or
Request
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/drive?eventName=edit&startTime=2021-02-22T10:26:35.000Z
The parameter eventName can be edit, add_to_folder, create, delete, ... among several events.
All Drive Audit Activity Events can be consulted here
Related
I got a AWS amplify app with datastore categorie. Also user can login and add notes (AWS Cognito for authentication and GraphQL as API in order to insert data to the table). I coded the login function and further Backend services on ios plattform while using swift.
Those notes are created by different user. Now I want to provide those data for a user which only has read access and din't has to be logged in.
Question is, how to access to this data via a REST interface. Unfortunately I can't find any API address listed in the Table details. Does anyone has experience with this stack and can advice here ?
My goal is to provide all data to a usual visitor of the app. So he should be able to see all data, published by all users.
Appreciate your help.
Ok, I hope I don't get too beat up here for this question as it is kind of complex. At least in my view, with what I know so far. So the details first:
I built a nice app with django that brings in event data for users, utilizes that data for many things (not relevant to this question) but one of the things is that it syncs these events to the users Google calendar. I made the google app within the developer console, and it uses the provided credentials.json file to allow users to authenticate the app, thus creating individual user token.json files per user, then I have another script (not within django, just a custom python file) that runs from a cron job to automatically sync/ update the calendar info from the database to the google calendars.
Now, the new problem is having this work without my help. IE: a new user logs in and creates a profile, then if they should choose to sync to their Google calendars I have to be there, running the authentication process from my personal server. So I did that, by moving the whole app to a hosted platform and brought it up to speed in production mode.
Users can create a profile, using django-allauth it works to make an initial user account where they can fill in the rest of the profile. It does populate the token string for their account, but here is where I'm stuck.
What process is there to make the token.json file OR use the existing token string (the one it saves now on the server version) to allow the system to sync the calendars? Once the token files are created, the rest of this works. I just can't get the right answers to how django-allauth will handshake with Google and do this?
Thanks for any help!
Update: ultimately wound up using a service account with google api, and directing my users to combine the service account email (adding it as a shared user to the specific calendar) and they copy/paste the shared calendar ID in their profile on my app. All the logic now just uses this share function to sync the calendars, and it works great.
We're using Google Analytics API in our application and perform actions (read data) on behalf of our users (we get their tokens via OAuth2). We use a client id and client secret to authorize our Google API project (application).
The problem is that we're unable to reach this project in Google's developer console, because the user in our Google App account who created this project was deleted. Regardless, the Google API still works (we have the key and the client secret) but we're unable to reach it in the admin section in the browser, but we can't access it because the owner was deleted.
What are the options to recover access to this API project? Is it possible to transfer ownership of this project using Google API? It's running in production so we can't afford to generate a new API project.
Is it perhaps possible to generate a new API project by keeping all our users consents (they authorize their accounts using an authorization popup in our web app)?
EDIT: it's also possible the user still exists, but we don't know who's the owner. Is it possible to retrieve this info using the app's api key/secret?
How to find out who owns your credentials.
Authenticate your application the pop up window will appear. Click on the name of the application the little arrow and a drop down will apear with the email address of the developer who owns the project.
If you have lost access to this account i am not aware of any way of getting access back. However for the sake of curiosity i am going to contact someone at Google and find out if they have a procedure for account recovery or not. I will update this when i hear back.
If the account that has a credential was a gsuite user then we can transfer the project to the admin of the domain.
Have the admin of the GSuite contact me with information on the project, client id, email of the user who was deleted. We can then add the admin of the gSuite as the owner of the project.
From the question, this was likely a gsuite user because even after the account is deleted, the project was not deleted.
I've been reading the real-time updates documentation for a while and I can't seem to find an answer. Can I use this feature only for the app's users? Can't I define a list of IDs that I want to receive the public feed from(even though not app's users)?
Thanks a lot
From the documentation:
Objects
You can currently subscribe to updates for these types of objects:
user – Get notifications about particular fields and connections
corresponding to user nodes in the Graph API.
permissions – Get
notifications when your users change the permissions they afford your
applications. The fields are like those in the corresponding FQL
table.
page - Get notifications when pages that have installed your
application change their public properties. Note that the page topic
is only used for subscribing to changes to public attributes of the
page (like name, category, picture etc). This is the same information
that is returned by the graph api call
https://graph.facebook.com/. You can subscribe to the page's
feed in the same way you subscribe to a user's feed - the subscription
topic should be 'user' and the subscription field should be 'feed'
These objects are related to YOUR application, so it would be updates from users of your applications, permissions related to your application, etc..
I am pulling list of docs in coldfusion via google docs API. I want users to click on the link and get signed in automatically in google docs, with my username and password. Google should not ask user name and password from them.
I tried out this example http://cfgoogle.riaforge.org/
Till now I am able to pull up list of documents I have on my google docs account.
But I want anyone to click those link and get automatically signed in as me. And able to access my documents. Is it possible?
I would guess that accessing the documents as you is not possible via the end-user's browser. Google will set a cookie on your computer identifying your session. This allows you access to documents, mail, etc. whatever is linked in your account. For them to be able to access the documents using your account, they would have to be logged in as you. You can't do that directly from your application, because you can only write cookies for your domain (oversimplification, but basically....)
There may, however, be a workaround.
One option would be to use the API to automatically share the document with the user. That is, they provide their Google ID (not password) and you share with their account. This is probably what I would try.
Alternately, you could proxy requests for documents, although this opens up a whole 'nother can of worms.