1

Is it possible to append rows to an existing Google Sheet using drive.file scope?

The https://www.googleapis.com/auth/drive.file scope is defined as

Per-file access to files created or opened by the app

in the Sheets docs and

Per-file access to files created or opened by the app. File authorization is granted on a per-user basis and is revoked when the user deauthorizes the app

in the Drive docs.

What does Google mean by "opened" by the app? Open isn't a method in the API.

I've built an app that uses the drive.file scope, and the app authenticates and receives tokens just fine. When I try to append a row to an existing Sheet, the API response is a 404.

If I authenticate the same app using the more broad scope https://www.googleapis.com/auth/spreadsheets, the app has no trouble appending rows to the same Sheet. I don't want to use a more broad scope that requires app verification because the app is an OAuth based plugin, a type of app Google says should not require Sensitive or Restricted scopes or verification. My app also fits the criteria Google recommends for the drive.file scope here.

I have found all these questions that are near duplicates and have no definitive answers:

  1. Request specific file permissions with Google Sheets / Google Drive API
  2. AuthToken for drive.file scope returning 404
  3. Getting Google file picker to work with drive.file scope
  4. How to use the scope https://www.googleapis.com/auth/drive.file correctly
  5. Is there anyway to get private file of user with drive.file scope
  6. Is the https://www.googleapis.com/auth/drive.file enough to create and update files or is the scope /drive needed?
Improve this question
6
  • Basically, drive.file gives you access rights to the file you created with the app, not too any other files of the user. There is a good reason for the fact that you need to verify your app. After all the user should be aware that you have access to all of his spreadsheets. Commented May 13, 2020 at 15:49
  • I believe you're confusing OAuth authentication and Google app verification. The OAuth consent screen makes it clear to all users what access they are giving to the app. Commented May 13, 2020 at 16:15
  • I am sorry, if my comment was confusing. What I meant is that if you do not verify your app, the user will see an Unverified app screen which will warn him about potential dangers involved with certain scopes. Because without verification, there is no control about what your code is doing with the access to user's data. Commented May 13, 2020 at 16:52
  • I believe that is also incorrect. The unverified app screen is not shown when Recommended scopes are used. Only Sensitive and Restricted scopes trigger the unverified app screen, as explained by this link that is in my question: support.google.com/cloud/answer/7454865?hl=en Commented May 13, 2020 at 16:56
  • Hi @rg89. Were you able to find a solution to this? Commented Apr 14, 2021 at 10:49

1 Answer 1

Reset to default
1

I concluded no, it is not possible. I designed my app to have a "Create Sheet" button as a workaround, and the drive.file scope works fine to append rows and make other edits to a Sheet that my app creates.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.