Hacker News new | past | comments | ask | show | jobs | submit login

You can use Application Default Credentials (ADC) with Sheets:

https://cloud.google.com/docs/authentication/application-def...

You can:

  PROJECT="..."
  ACCOUNT="..."

  # Add this value to your Sheet(s)
  EMAIL="${ACCOUNT}@${PROJECT}.iam.gserviceaccount.com"

  export GOOGLE_APPLICATION_CREDENTIALS=${PWD}/${ACCOUNT}.json
And then:

  ctx := context.Background()

  scopes := []string{
    "https://www.googleapis.com/auth/spreadsheets.readonly",
  }

  opts := option.WithScopes(scopes...)
  srv, err := sheets.NewService(ctx, opts)
Remaining code remains unchanged.

One omission from your post is that you will need to enable the Sheets service|API either using gcloud:

  gcloud enable sheets.googleapis.com --project=${PROJECT}
Or by URL: https://console.cloud.google.com/apis/library/sheets.googlea...



Correction the following refers to the created key:

  ${PWD}/${ACCOUNT}.json
Possibly created by:

  gcloud iam service-accounts create ${ACCOUNT} --project=${PROJECT}
  gcloud iam service-accounts keys create ${PWD}/${ACCOUNT}.json \
  --iam-account=${EMAIL} \
  --project=${PROJECT}
Because Google Workspace does not support IAM, no IAM roles need be assigned. Instead OAuth scopes are used.


Thanks, in your instructions it's not clear where the `$ACCOUNT.json` file is coming from?

I will mention the service enable.


Good point! I'll revise.


Interesting, so this approach still works through an explicitly created service account? Do you think it's possible to make it work without a GCP Service Account at all?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: