Menu
Let's say I have a Google account [email protected] with project project-1 (configured as Google App Engine application in Google Developer Console) and a service account with e-mail address [email protected] that belong to it.
I know how to use this service account to create a calendar and manipulate its entries programmatically: I use the Google APIs Client Library (Java version, with service account´s credentials) to invoke Google Calendar API inside my Google App Engine application and it does just that. However any such created calendars seem to be distinctly owned by the service account, not by my englobing Google account. I conclude this from the following observations:
My calendars.Other calendars | Add a friend´s calendar and with the service account´s email-address, I can send off the request, but it never gets answered (presumably because the service account's e-mail address isn't a "real" e-mail address).CalendarListEntry#hidden, so the default false should apply.So my question is this: How can I access calendars and calendar entries that were created programmatically with Google Calendar API (and a Java client in my case) in the normal Google Calendar Web UI. E.g., can the service account share its calendars with its owning Google account, or can I directly manipulate the Google account's calendars with its service account credentials in the UI.
I realize there are some previous questions on the same topic, but they haven't helped to solve the mystery for me so far.
389
Share you calendarIn the Google Developers console, go to IAM & Admin > Service Accounts and copy your Service Account ID email. Afterwards, go to your Google Calendar, and select Calendar Settings for the calendar you want to have access to. Then go to the Share this Calendar tab.
Anyone who has the "Make changes and manage sharing" permission is technically an owner. Anyone having that permission can remove anyone else from the calendar, including removing the one who originally made the calendar. So they're all owners.
You can transfer calendars you own to other owners. You can also transfer events to another owner or calendar. Tip: When you transfer events that contain a Google Meet link, the video conferencing policies applicable to that event are also impacted.
If you can find the calendar ID from a user who has access to the calendar by going into the calendar settings is the way I did it, you can just add the calendar to your account using the calendar ID URL, once it is in your account as a super admin you can see who created the calendar and you can change who has access ...
You will have to programmatically share the calendar created by the service account. The calendars are owned by the service account.
What you tried :
Share the calendar programmatically with your account, log the calendar unique id and then enter it in the UI.
136
According to the (outdated) documentation, you have to call .setServiceAccountUser("[email protected]") and the event will show up on that user's Calendar.
https://developers.google.com/identity/protocols/OAuth2ServiceAccount#authorizingrequests
Delegate domain-wide authority
If you have delegated domain-wide access to the service account and you want to impersonate a user account, specify the email address of the user account with the setServiceAccountUser method of the GoogleCredential factory. For example:
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId(emailAddress)
.setServiceAccountPrivateKeyFromP12File(new File("MyProject.p12"))
.setServiceAccountScopes(Collections.singleton(SQLAdminScopes.SQLSERVICE_ADMIN))
.setServiceAccountUser("[email protected]")
.build();
It has to be a service account for a GSuite domain, and you have to enable GSuite Domain-wide Delegation.
40
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
