I am the admin of a Google domain and I need to he able to read users emails in my php app. How is this possible? I have tried to use IMAP but it won't even connect. Is there something special that apps have to do?
Here is a list of all the ways to read a user's Gmail mailbox, outside of App Engine :
IMAP, as you said. Provided it is enabled on your domain. Most of our customers disable it for security reasons (no audit trace of the connections).
Apps Script, but it requires the user's consent, even if you're an admin
The Email Audit API, but an Email extraction takes approximately 2 weeks (no kidding)
If IMAP is enabled on your domain, then it's the best choice. However, by default GAE does not allow outgoing connections apart from HTTP requests. The workaround for this limitation is the Sockets API, currently in preview. You can check it out here.
Note that you will also need to use an OAuth2 service account (domain-wide delegation) and IMAP-XOAuth2 to authenticate with the IMAP protocol.
Related
I have a google business apps account.
My requirement is to scan all emails of my support email and process them.
This has to be done on the server side without any manual interaction.
I am able to make this work with IMAP, but i am looking at making this work with Google API.
This doesn't work with the Google API unless i do manual client consent.
Or i need to use the service account, in which case i have to get a domain wide access although my requirement is only for one email id. This is against my company's information security policy hence cannot use this option.
Require help on how i can use Google API to do the integration between my server and gmail server at a individual email account level. Any suggestions?
I own a domain, call it myDomain.com, which currently masks a Google App Engine project. I have multiple alias email addresses associated with this domain, e.g. rsvp#myDomain.com, that are all set up to forward to my Gmail account. I am unable to ever authorize these aliased email accounts as Editors of my Google App via the Developer's Console because Google always sees the aliased email as my Gmail account and says...
You are already a member of this project, you cannot accept this
invitation.
...whenever I attempt to accept the invite to Edit.
Thus when I attempt to send an email via an aliased email from my deployed app, I get an InvalidSenderError: Unauthorized sender error.
Is it possible to use my domain's aliased emails to send emails from my app if they are forwarding to the same account that deployed the app? I will try an experiment this evening where I use a different forwarding email account, but this is not sustainable, as I would like to have many (>10) aliased email addresses.
Thanks!
Unfortunately, you can't send from email aliases using the built in mail service in GAE. It must be a a full user with developer access to that project.
We switched over to using The SendGrid integration for much the same reason.
There is a built in library for it in GAE and you and get a free SG account for low volume. Check out docs at https://cloud.google.com/appengine/docs/python/mail/sendgrid for more info.
I am setting up an App Engine application, and I want to register all my users based on their phone number (like Whatsapp).
The server will need to send an SMS to the user to authenticate. Then the user can log in with a combination of their phone number + password.
Does Google Apps support this type of authentication model, or do I have to use a Google Account?
I saw Twilio support, but that seems more for setting up an app that sends a bunch of SMSes/VoIP server side. I just need to receive one SMS per user to confirm their phone number.
Note: this will be a iOS/Android app, with possible web support in the future.
The App Engine does not force you to use any authentication mechanism. You can choose Google Account option when creating your app, and you may find it useful for admin logins, for example, but you don't have to use it for all users of your app.
The App Engine does not offer a built-in support for SMS authentication, but there is nothing that prevents you from using it. Twilio API offers all the tools that you need.
Note that SMS authentication model has major limitations. For example, people tend to change phones and sometimes their phone numbers, and they typically lose access to the previous phone/number immediately upon switching, which makes it difficult to transfer their accounts. This is one of the reasons why more apps choose a two-step verification (username/password with SMS confirmation) as opposed to a single-step SMS-only approach.
I understand how the authorization process with Oauth works but is it somehow possible to authorize my access to my endpoints API without the user having to sign in? So what I'm trying to do is to restrict access to my API so that only certain websites, that I allow, have access to it and no others.
In Google APIs console I have created a 'client ID for web applications'.
In your described use case, the preferred solution is to use OAuth. In following the examples in the documentation, you'll be limiting the web sites (via the "JavaScript origins" value for the keys you obtained in the APIs Console).
Sites not listed in the origins will not be able to display the required authentication prompt (the client ID and origin are checked before Google will provide tokens). Developers will not be able to create their own client IDs with their preferred JavaScript origins, because your backend will be checking the client ID of the request is on a whitelist that is part of your code.
Our customers want to send emails from our java appengine application using their email accounts, with their smtp servers. Is that possible? Verifying all their email addresses in appengine is NOT an option. Would it be possible to send email from an appengine application using an external SMTP server?
Thank you very much.
No, there's no way for an App Engine app to make a connection to an external SMTP server. If you want to do this, you'll need to find or build a webservice that sends email via an HTTP-based interface.
It's possibly to do today, but requires some indirection. If they set up a web form (cgi script, web app , whatever) that forwards to their SMTP server (after making the appropriate authentication checks, of course), then it's a simple matter for an App Engine app to make a POST.