I'm trying to call the Gmail API in App Script while impersonating a user account using Google's Oauth2 library for App Script to set a delegate for their inbox. Using Google's examples as a base, I created the following function to call the service and provide the right information to create a new Delegate on an inbox:
function setGmailDelegate() {
var formObject = {
delegateReaderEmail: "[email protected]",
delegateTargetEmail: "[email protected]"
};
var userEmail = formObject.delegateReaderEmail;
var boxEmail = formObject.delegateTargetEmail;
Logger.log("Letting "+userEmail + " read " + boxEmail);
var service = getGmailAddDelegateService_(boxEmail);
if (service.hasAccess()) {
var url = 'https://www.googleapis.com/gmail/v1/users/' + boxEmail +'/settings/delegates';
var response = UrlFetchApp.fetch(url, {
headers: {
Authorization: 'Bearer ' + service.getAccessToken()
},
body: {
"delegateEmail": userEmail,
"verificationStatus": "accepted"
}
});
var result = JSON.parse(response.getContentText());
Logger.log(result);
} else {
Logger.log(service.getLastError());
}
}
This function returns nothing - there's no error message but the delegate is not created. According to the API I should be getting a delegates resource back but I'm not. What am I doing wrong?
This is the function that defines the OAuth service creation:
function getGmailAddDelegateService_(boxEmail) {
return OAuth2.createService('Gmail:' + boxEmail)
// Set the endpoint URL.
.setTokenUrl('https://oauth2.googleapis.com/token')
// Set the private key and issuer.
.setPrivateKey(PRIVATE_KEY)
.setIssuer(CLIENT_EMAIL)
// Set the name of the user to impersonate.
.setSubject(boxEmail)
// Set the property store where authorized tokens should be persisted.
.setPropertyStore(PropertiesService.getScriptProperties())
// Set the scope. This must match one of the scopes configured during the
// setup of domain-wide delegation.
.setScope(['https://mail.google.com/','https://www.googleapis.com/auth/gmail.settings.sharing']);
}
I've tried changing the scopes around but to no avail. I can't see anything in the execution logs of the G Suite audit logs that point to any issues.
Found the answer: URLApp requires that your specify you're POSTing data:
var response = UrlFetchApp.fetch(url, {
method: 'post',
headers: {
Authorization: 'Bearer ' + service.getAccessToken()
},
body: {
"delegateEmail": userEmail,
"verificationStatus": "accepted"
}