CODEWITHSUNDEEP
google-app-enginegoogle-calendar-api
user3068197
user3068197

Reputation: 3

Google api access to google account information

I have a really quick question, i noticed that when you sign up for market app it asks to for permission to access contacts, calendars, etc.

where and how is this controlled? i know there are api's for retrieving data from those sources but what about the permissions etc?

Upvotes: 0

Views: 86

Answers (1)

Anis H
Anis H

Reputation: 1150

Applications built for the Google Apps Marketplace can access Google APIs using 2-legged OAuth. A Marketplace application includes the API scope required in its application manifest. When the application is installed in a domain, the domain administrator must explicitly approve access to the declared scope. This gives the application access to the required scope, for that domain, using the application's 2-legged OAuth consumer key and secret.

An example manifest file that describes an application that requires access to Google Calendar API:

    <?xml version="1.0" encoding="UTF-8" ?>
<ApplicationManifest xmlns="http://schemas.google.com/ApplicationManifest/2009">
  <!-- Support info to show in the marketplace & control panel -->
  <Support>
    <!-- URL for application setup as an optional redirect during the install -->
    <Link rel="setup" href="http://www.example.com/google/setup.php?domain=${DOMAIN_NAME}" />

    <!-- URL for application configuration, accessed from the app settings page in the control panel -->
    <Link rel="manage" href="http://www.example.com/google/admin.php?domain=${DOMAIN_NAME}" />

    <!-- URL explaining how customers get support. -->
    <Link rel="support" href="http://www.example.com/google/support.php" />

    <!-- URL that is displayed to admins during the deletion process, to specify policies such as data retention, how to claim accounts, etc. -->
    <Link rel="deletion-policy" href="http://www.example.com/google/deletion-policy.php" />
  </Support>

  <!-- Name and description pulled from message bundles -->
  <Name>AppTest</Name>
  <Description>A simple application for testing the marketplace</Description>

  <!-- Show this link in Google's universal navigation for all users -->
  <Extension id="navLink" type="link">
    <Name>AppTest</Name>
    <Url>http://www.example.com/home.php?from=google&amp;domain=${DOMAIN_NAME}</Url>
    <!-- This app also uses the Calendar API -->
    <Scope ref="calendarFeed"/>
  </Extension>

  <!-- Declare our OpenID realm so our app is white listed -->
  <Extension id="realm" type="openIdRealm">
    <Url>http://www.example.com</Url>
  </Extension>

  <!-- Need access to the Calendar feed -->
  <Scope id="calendarFeed">
    <Url>http://www.google.com/calendar/feeds/</Url>
    <Reason>This application shows the next Calendar event.</Reason>
  </Scope>

 </ApplicationManifest>

Upvotes: 1

Related Questions