Access Tasklist from other account in the domain

[Mario Cauwe]

Dear community,

I am planning a time-based trigger which should assign tasks to different employers in a Google managed domain. I check out the Tasks Advanced Service, and the documentation says it works on the tasks in your (@me) account. Is it possible to access and create/update tasks for the different accounts? I don't see any place where I could enter a user id or email address.

I searched the community and the internet, but I don't find anything related to this.

Thanks in advance for pointing me into the right direction.

Best regards,

Mario

[Clark Lind]

Not that I know of. That would be like accessing someone's gmail or drive or other workspace app and do things there without permission. Since Tasks are associated with a person's account, you don't have access to it.

That being said, there may be ways to achieve what you want by using the new Google Tables. If you were to create a table that had a column for "assigned to" with data type "person", you could use Apps script to add a row with the person's email in the proper column. This may help: https://developers.google.com/apps-script/advanced/tables#create_a_row_in_a_table

[Adam Morris]

Hi Mario, that sounds like an interesting little utility there.

The target API uses the “current authenticated user” to do everything. So in AppsScripts, depending on who is running the script, that is the user that is authenticated if you use that advanced service. AppsScripts will handle that for you, which is one of its core features that lowers the bar of entry.

But you can peal back the layers by interacting with the target API endpoint directly, with UrlFetchApp.fetch instead of Tasks. You also need to set up an service account, which isn’t hard to do, but only google administrators can do it.

Then you can use an oauth2 lib, which you send it the username/password info of the service account (client ID/secret), and the token provided by that library to authenticate with those UrlFetchApp.fetch calls.

I’m afraid I’ve given a lot of information that might be not so clear, but I’m hoping that aids you in next steps.

Regards,

Adam

--
You received this message because you are subscribed to the Google Groups "Google Apps Script Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-script-c...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-script-community/5a8159ea-8b2a-425e-88d1-64732fe7e2afo%40googlegroups.com.

--

http://classroomtechtools.com

[dimud...@gmail.com]

If you have super-admin access to your Google managed domain you can delegate domain-wide authority to a service account and use it to authorize and invoke methods of the Task API for any user. However, you'll need to write custom methods to call the Task REST API directly using UrlFetchApp.fetch() (so you won't be able to use the advanced service). Plus you'll need to set up an OAuth2 flow for the service account (thankfully Eric Koleda's OAuth2 library can handle that for you).

[mario...@gmail.com]

Hi everybody, 

Thank you for the updates. I was indeed thinking I would need a service account to invoke the API, but I didn't find a lot of information on how to actually retrieve a user to be able to assign the task. I will have another look, but I recall to not have seen any parameters allowing this.

"That would be like accessing someone's gmail or drive or other workspace app and do things there without permission. Since Tasks are associated with a person's account, you don't have access to it."

Not exactly, I rather compare it like sending an email to someone. You don't need to access their account to send a mail, so I imagine it would be the same to assign a task.

Op vrijdag 19 februari 2021 om 03:39:11 UTC+2 schreef cwl...@gmail.com: