2

First, this question is a duplicate of Fetch JSON object from Google WebApp from another Google WebApp however, that question is 6 years old, and the answer does not work in my situation -- details below.

--

I have a Google Apps Script web-app that returns JSON and is published such that it runs as me and anyone in my organization can access it. For various reasons, I cannot publish it as anonymous as answered from the other question.

function doGet(request)
{
    return ContentService.createTextOutput(JSON.stringify(request)).setMimeType(ContentService.MimeType.JSON);
}

I am trying to call this web-app from another web-app using UrlFetchApp.fetch(...) but it seems to return a bunch of HTML instead of the expected JSON output.

function testIt()
{
    var a = UrlFetchApp.fetch("https://script.google.com/a/verizon.com/macros/s/[redacted]/exec");
    Logger.log(a.getContentText());
}

I understand that the second web-app, the one with testIt runs from Google's servers so the UrlFetchApp.fetch call is anonymous.

There must be a way to pass the authentication token of the user running testIt?

I tried this, but it did not work either:

var a = UrlFetchApp.fetch("https://script.google.com/a/verizon.com/macros/s/AKfycbxseotobMLXnid5PT_UpBRWZdNrhhX2EOegeCd4b9gFA2VbAvLm/exec", {
    "method":"GET",
    "muteHttpExceptions": true,
    "headers": {
        "Authorization" : "Basic " + ScriptApp.getOAuthToken()
    }
});

Am I doing something wrong or is what I am after not possible?

Basically, I have a web-app I own and someone else has a web-app they own. I am trying to find a way they can call my web-app from their web-app to do certain things that their web-app does not have access to (writing some data to some sheets and sending some emails from my account).

Improve this question
6
  • 1
    Although I'm not sure whether this is the direct solution of your issue, in your script, when Basic is modified to Bearer, what result will you get? And also, can you confirm that the scopes of Drive API are included in your scopes? If that is not included, please put // DriveApp.getFiles() as the comment line. By this, https://www.googleapis.com/auth/drive.readonly is included. I think that in the case of Web Apps, this can be used for accessing. Ref
    – Tanaike
    Commented Sep 30, 2020 at 4:38
  • Basically, I have a web-app I own and someone else has a web-app they own As long as both are in the same domain and webapp1 has read access to the webapp2, the above workaround mentioned by Tanaike should work.
    – TheMaster
    Commented Sep 30, 2020 at 4:52
  • Can you confirm that the comments above solved your issue?
    – Jose Vasquez
    Commented Sep 30, 2020 at 9:35
  • 1
    Yeah, that is working. I am such an idiot. Thank you @Tanaike! If you put that as an answer then I'll mark it so.
    – IMTheNachoMan
    Commented Sep 30, 2020 at 12:01
  • 1
    Thank you for replying. I'm glad your issue was resolved. I post it as an answer. I thought that this will be also useful for other users. Could you please confirm it?
    – Tanaike
    Commented Sep 30, 2020 at 22:40

1 Answer 1

Reset to default
1

When it accesses to the Web Apps using the access token, please modify as follows.

From:

"Authorization" : "Basic " + ScriptApp.getOAuthToken()

To

"Authorization" : "Bearer " + ScriptApp.getOAuthToken()
  • As an important point of this case, please confirm whether the scopes of Drive API are included in your scopes.
  • If that is not included, please put // DriveApp.getFiles() as the comment line. By this, https://www.googleapis.com/auth/drive.readonly is included in the scopes. I think that in the case of Web Apps, this can be used for accessing.

Reference:

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.