File tree Expand file tree Collapse file tree 2 files changed +18
-1
lines changed Expand file tree Collapse file tree 2 files changed +18
-1
lines changed Original file line number Diff line number Diff line change @@ -185,3 +185,19 @@ if no token format is chosen.
185185 .setScope('gist,repo,user')
186186 .setTokenFormat(OAuth2.TOKEN_FORMAT.FORM_URL_ENCODED);
187187 }
188+
189+ #### Service Accounts
190+
191+ This library supports the service account authorization flow, also known as the
192+ [ JSON Web Token (JWT) Profile] ( https://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-12 ) .
193+ This is a two-legged OAuth flow that doesn't require a user to visit a URL and
194+ authorize access.
195+
196+ One common use for service accounts with Google APIs is
197+ [ domain-wide delegation] ( https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority ) .
198+ This process allows a Google Apps for Work/EDU domain administrator to grant an
199+ application access to all the users within the domain. When the application
200+ wishes to access the resources of a particular user, it uses the service account
201+ authorization flow to obtain an access token. See the sample
202+ [ ` GoogleServiceAccount.gs ` ] ( https://github.com/googlesamples/apps-script-oauth2/blob/master/samples/GoogleServiceAccount.gs )
203+ for more information.
Original file line number Diff line number Diff line change @@ -50,6 +50,7 @@ function getService() {
5050 // Set the property store where authorized tokens should be persisted.
5151 . setPropertyStore ( PropertiesService . getScriptProperties ( ) )
5252
53- // Set the scope and additional Google-specific parameters.
53+ // Set the scope. This must match one of the scopes configured during the
54+ // setup of domain-wide delegation.
5455 . setScope ( 'https://www.googleapis.com/auth/drive' ) ;
5556}
You can’t perform that action at this time.
0 commit comments