In the App Engine "Application Settings" page it lists an email address:
mocktagish#appspot.gserviceaccount.com
If someone sends an email to this address, how do I read it?
What do I need this address for?
I don't think it is an email address. This is the service account name, an external identifier for your application.
The settings page says:
Use this name when interacting with external services on behalf of
your application.
You use it e.g. while connecting your app to Google Cloud Storage.
Related
I own a domain, call it myDomain.com, which currently masks a Google App Engine project. I have multiple alias email addresses associated with this domain, e.g. rsvp#myDomain.com, that are all set up to forward to my Gmail account. I am unable to ever authorize these aliased email accounts as Editors of my Google App via the Developer's Console because Google always sees the aliased email as my Gmail account and says...
You are already a member of this project, you cannot accept this
invitation.
...whenever I attempt to accept the invite to Edit.
Thus when I attempt to send an email via an aliased email from my deployed app, I get an InvalidSenderError: Unauthorized sender error.
Is it possible to use my domain's aliased emails to send emails from my app if they are forwarding to the same account that deployed the app? I will try an experiment this evening where I use a different forwarding email account, but this is not sustainable, as I would like to have many (>10) aliased email addresses.
Thanks!
Unfortunately, you can't send from email aliases using the built in mail service in GAE. It must be a a full user with developer access to that project.
We switched over to using The SendGrid integration for much the same reason.
There is a built in library for it in GAE and you and get a free SG account for low volume. Check out docs at https://cloud.google.com/appengine/docs/python/mail/sendgrid for more info.
I have an appengine app that stores documents in a Google Docs account. It uses the Documents List API to communicate with Google Docs but I am now trying to migrate it to use the Drive API as the Documents List API is supposed to be shutdown on 4/20.
I would like to know if I need to grant any special permissions for my appengine app to be able to access the Drive account and read/write documents from it. i.e., do I need to add a row on this screen?
The Google Docs account under which files are stored by my current app is of the form user#xyz.com where xyz.com is a domain name that I purchased through Google and that is aliased to my appengine app. Further user#xyz.com is an owner of my appengine app.
Yes.
Delegate domain-wide authority to your service account
In the Client name field enter the service account's Client ID.
In the One or More API Scopes field enter the list of scopes that your application should be granted access to (see image below). For example if you need domain-wide access to the Google Drive API and the Google Calendar API enter: https://www.googleapis.com/auth/drive, https://www.googleapis.com/auth/calendar
Click the Authorize button.
Your service account now has domain-wide access to the Google Drive API for all the users of your domain, and potentially the other APIs you’ve listed such as the Calendar API in the example above. You are ready to instantiate an authorized Drive service Object on behalf of your Google Apps domain's users.
When you make the calls, you will have to impersonate the user whose account you want to access, i.e. user#xyz.com
I am trying to connect to Google Drive from my App Engine code. But it requires Client code. Google App engine generates Client code (P12 key) only for the service account. But I want it for a technical user we have created.
How can I do that?
If the "technical user" you are referring to is a #gmail account, then your only option is to do the OAUTH dance once to obtain a oauth token and refresh token. You have to create a "Client ID for web application" to do this. Once you have the auth and refresh token, you can connect as your "technical user" to Google drive.
If the "technical user" you are referring to is a Google Apps account, then you can authorize the consumer key/secret related to the service account in the Google Apps control panel with the required Drive scopes. You will have to indicate in the API call what user (i.e. the technical user) you want to impersonate when you connect to Google Drive.
I have registered a domain when I was registering Google App for business.
I'm just wondering if I could let that domain point to my server instead of Google site?
If not, how can I release the domain and register it(the same name) from some other domain name provider?
You can associate your purchased domain with your App Engine application. Go to the Admin Console and then Application Settings. You will see a Domain Setup section. Click on Add Domain and follow the steps. For further details, check out the instructions.
Yes, you can manage your DNS records even if you bought the domain as part of the Google Apps sign up. In case you don't want to host your website on Google App Engine or Google Sites you can access the DNS credentials for your assigned provider (Enom, GoDaddy) at Domains -> Advanced DNS Settings from there you should login to your provider console in order to change the settings.
https://support.google.com/a/answer/54693?hl=en
If you want to transfer to another provider, follow the standard procedure that each provider has, it usually requires so email confirmation back and forth. Also, make sure not to renew your domain automatically in the Google Apps admin console, otherwise you may be billed twice for the domain.
Now that Google is offering DNS-as-a-service in the Cloud Platform I wonder when they will end the partner DNS hosting and manage it themselves from end to end.
Referring to the following document about sending email in Google App Engine:
https://developers.google.com/appengine/docs/python/mail/sendingmail
It says that the email sender (i.e., From address) may be:
Any valid email receiving address of a domain account, such as support#example.com. Domain accounts are accounts outside of the Google domain with email addresses that do not end in #gmail.com or #APP-ID.appspotmail.com.
This seems to be imply that as long as my domain mycompany.com is a Google Apps domain and I've added to my my Google Apps CPanel as a service, that I would be able to send an email from any arbitrary address that is not an existing user, such as: whatever#mycompany.com. Note that I do not have the app's authentication type set up as "Google Apps Domain" but rather as "Google Accounts API".
However, this is not working as such. I am only able to send email if it is an existing Google Apps user and is registered with the app as an administrator.
Please clarify. Thanks.
You should continue reading right after the sentence you quoted:
Any valid email receiving address of a domain account, such as support#example.com. Domain accounts are accounts outside of the Google domain with email addresses that do not end in #gmail.com or #APP-ID.appspotmail.com.
To send an email from an existing domain account, add the domain account as a Developer to your application using the Administration Console. The account is then sent an email with an invite to develop the application, which you must accept to add the account to the application.
So you still need to add the domain user under GAE Admin -> Permissions.