1

I'm working on a an application where my back-end server will push and pull data over the google drive sdk. So, the back-end will only ever need a authorization via a single admin user's set of credentials.

Is the best way to do the authorization for this use-case to do what's described here? https://developers.google.com/drive/web/auth/web-server

It looks like I would manually authorize my back-end's user once and store the refresh token for later offline access, thereby not needing manual/human interaction ever again.

But is that actually the best way for this use case? Is there another authorization workflow that I've overlooked?

wouldnt
  • 622
  • 6
  • 8

2 Answers2

0

The method described at the link you sent is appropriate when you are authing several end users. I find it's overkill if you only ever need to auth a single user. Too much code and faffing around for something that will only be used once.

Check out How do I authorise an app (web or installed) without user intervention? (canonical ?) which is a one-time procedure which gets you the same result, without writing any code.

Community
  • 1
  • 1
pinoyyid
  • 21,499
  • 14
  • 64
  • 115
0

Having worked on it some, I think the best way for my application is this:

https://developers.google.com/api-client-library/python/auth/service-accounts

You create a Service Account through the admin console. There's no messing around with a manual authorization step that could later break the app.

wouldnt
  • 622
  • 6
  • 8
  • If you're looking for an account that is dedicated to the app (ie. no UI of its own), and not a general use account, then you're right - Service Accounts for the win. Just don't fall into the trap of thinking that a Service Account is somehow the same as your Google account. It's completely separate. – pinoyyid Jun 09 '16 at 11:11