Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to change the google API "service account" name/email address

Tags:

oauth

google-api

google-oauth

google-developers-console

google-api-client

I am using the Google API to create a spreadsheet on google drive.

  • My app has a link that says 'Download To Google Doc'
  • The app sends a file to google docs and shares it with the user.
  • The user can then see it in google docs.

This all works good.

The problem is the identity of the service account sharing the doc. It is a generated id. I want it to be branded to my app.

Is this possible? -

It is this random number. I want it to be branded. Is this possible?

like image 702
Byron Whitlock Avatar asked Apr 29 '15 01:04

Byron Whitlock

2 Answers

You can't change the service account email address, nor can you supply a real world user name to it. The service account email address is created by Google in the Google Developer console.

enter image description here

The only way to change the email address would be to delete it and create a new one but again you would be stuck with the one Google Created. I suspect that the client id and email address are a pair used for identification of your application. Similar to client id and client secret, but I cant verify that.

I do see your point it would be nice if we could.

like image 51
DaImTo Avatar answered Sep 30 '22 18:09

DaImTo

Google Service Accounts do allow you to impersonate an existing user account (for some services). I haven't tested it on Google Drive, but I have used it with the Webmaster tools API. The instructions can be found here: https://developers.google.com/identity/protocols/OAuth2ServiceAccount

To sum them up, when creating the service account credentials you can specify the "sub" parameter with "The email address of the user for which the application is requesting delegated access." The account you're requesting access for must exist and have permission to access to the services you're requesting.

In the link above Google provides examples for Java, Python and HTTP/REST, here's the Python example: 

credentials = SignedJwtAssertionCredentials(client_email, private_key,
'https://www.googleapis.com/auth/sqlservice.admin',
sub='[email protected]')

I'm using the Ruby google-api-client gem (0.9.pre3) and the ServiceAccountCredentials constructor does not pass the 'sub' parameter to its parent class so it has to be specified in another step:

client = Google::Auth::ServiceAccountCredentials.new(json_key_io: json_key_io, scope: scope)
client.update!(sub: '[email protected]')
client.fetch_access_token!
service = Google::Apis::WebmastersV3::WebmastersService.new
service.authorization = client

Using this code I can authenticate using my service account and I have access to the sites

like image 23
jsl4980 Avatar answered Sep 30 '22 17:09

jsl4980
Sign in to Comment

Related questions

Symfony2: Make users complete registration after login if some fields are missing
Google OAuth invalid_grant / Bad Request - Solution in description
Missing client_id when accessing token with linkedIn
How to extract authentication token in @Controller
Google OAuth token request returns "invalid_client": "Unauthorized"
Android Google Sign In DEVELOPER_ERROR 10
What technical detail should programmers consider while developing their own oAuth service?
omniauth oauth tokens for gmail are invalid
Facebook OAuth redirect_uri to page tab error
oAuth 2.0 Database structure
Error 500 on dialog/oauth API after today's push at 8:21
What OpenID Connect adds to OAuth 2.0 (why is OAuth 2.0 not sufficient for authentication?)
Why does OAuth 2 have Resource Owner Password Credentials Grant?
Is it OK to pass on OAuth Access Token between services?
OAuth flow when user is already logged in to the Oauth Provider
Failed to make identity provider oauth callback: org.keycloak.broker.provider.IdentityBrokerException: No access_token from server
OAuth2 Access Token Response
How can I connect to Google using oauth with Ruby?
How do I set oAuth authentication for a WCF REST C# Site
Google OAuth login page 'cancel' and 'accept' buttons are not enabled from Aug 22nd

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!