activities
latest
false
Productivity Activities
Last updated Oct 23, 2024

Google Workspace Scope

UiPath.GSuite.Activities.GSuiteApplicationScope

Description

Handles the connection client and authentication for Google Workspace activities. The Google Workspace activities work with the account specified in the Application Scope. Multiple authentication types are available.

Starting with version 2.5.5, you can use the newer Google Workspace activities inside the Scope activity. To learn how to use the Integration Service activities with Google Workspace Application Scope, see How to use Google Workspace activities without Integration Service.

Known issue

Important:

The OAuthClientID authentication type using the UiPath OAuth Client (the UiPath public app) in Google Workspace Scope is currently unavailable. Automations using the UiPath public app to authenticate may stop working and throw the following error message: "This app is blocked". We are working to fix the issue and restore the app.

Until we restore the public app, you can use OAuthClientID authentication with a custom Google application created by your organization. To switch from the UiPath public Google application to a custom Google application, take the following steps:

  1. Create your own Google Cloud application, assign the necessary scopes, and create the OAuth Client ID credentials, as explained in Set up applications in Google Cloud.
    • The UiPath public app uses the following scopes: https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/spreadsheets, https://www.googleapis.com/auth/documents, https://www.googleapis.com/auth/drive, https://mail.google.com. You can use the same scopes or assign custom ones, depending on your needs.
  2. If you select OAuthClientID authentication type, set the OAuth Client field to Custom. In the Client ID and Client Secret fields, add your custom app's credentials.

    docs image

  3. Test your automation, republish the project, and run it.

Project compatibility

Windows - Legacy | Windows

Configuration

  • Connection method - Select the connection method you want to use. Options available in the dropdown menu are:
    • Properties Panel - Configure the connection details in the Properties panel.
    • Asset - Use Orchestrator credential assets. We recommend you use this option.

Asset connection method

When you select this option, the authentication fields displayed in the Properties Panel option are hidden, because all the authentication information is stored inside the asset.

The Asset method supports the same authentication types as the Properties Panel method: OAuth Client ID, API Key, or Service Account Key.

  • Connection assets - Browse Orchestrator folders to select an asset. This field supports IResource variables. Select the Manage Assets button to open Orchestrator. The list of available assets depends on the Orchestrator your Studio and Robot are connected to.
    • Use the Plus button menu to select Reload Assets if you've updated your assets in Orchestrator. Note that if you add a new asset in Orchestrator while using Studio Desktop, it will not be available straightaway in the Scope activity.

Common

  • TimeoutMS - If set, the activity times out with an exception after the set number of milliseconds.

Options

  • Connection Data Store Location - A dropdown list that specifies where the Token Response gets stored. The available property values are Local disk, Orchestrator, or Never store.

    • Local disk - The connection tokens are stored in a local folder on the machine. The same connection can be used in multiple processes on the same machine.
    • Orchestrator - The connection tokens are stored in Orchestrator as assets in a specified folder. The same connection can be used in multiple processes on multiple machines as long as it has access to the specified Orchestrator folder.
    • Never store - The connection tokens are never stored.
  • Connection Orchestrator Folder Path - The Orchestrator folder where the operations occur. Leave empty if Modern folders are not enabled. For more information, see About Folders in the Orchestrator Guide.

Service Account Key

  • User Email - If you granted Domain Wide Access to the service account, it needs to impersonate a user from the domain. Use this field to enter the impersonated user's email address.
Runtime
  • Runtime connection assets - Browse to select an asset. This field allows you to select a different asset for runtime. Use the Plus button menu to select Relative path and enter the full path of the Orchestrator asset containing connection details.

Properties Panel connection method

  • Connections - Select an account from the list. You can add, delete, and choose what connections to use.
  • Authentication Scopes - See the Using the Authentication Scopes wizard section below.
Using the Authentication Scopes wizard

The Scope activity incorporates a universal permissions selector, offering a clear picture of all the used authentication scopes, which the activities need in order to work correctly.



All children activities included in the Google Workspace Application Scope activity are automatically detected as required scopes.

If no scopes are manually selected from the Scopes wizard, the Auto-detect function is applied by default at runtime, and the need for configuring the wizard is eliminated. All the minimum required scopes are selected at runtime.

You can also add a scope manually after adding a child activity to Google Workspace Application Scope.

Note: For details regarding API Scopes and permissions, see Microsoft 365 and Google Workspace Cards - API permissions and scopes.
Authentication
  • Authentication Type - A dropdown list that specifies the type of authentication you want to use to access Google Workspace services. The available property values are: ApiKey, OAuthClientID, and ServiceAccountKey. Depending on the authentication type selection, additional property fields may be required.
OAuth Client ID
Note: This is the same authentication method supported in Integration Service, either through the public UiPath App or a private custom application (Bring your own app method).

The property fields below are required only if your Authentication Type value is OAuthClientID.

  • Client ID - The credential ID for the user account. This property supports String variables and string formatted values.
  • Client Secret - The credential secret for the user account. This property supports String variables and string formatted values.
  • OAuth Client - Indicates the application (client) to be used. If UiPath is selected, no Client ID and Client Secret should be provided. The default value is UiPath.
  • Secure Client Secret - The Client secret for the User Account, as a secure string. This property supports String variables and string formatted values.
    Note:

    When you use UiPath Apps, you allow UiPath Robots to access the data inside your Google mail account. Subsequently, you allow UiPath Robots to manipulate the data solely in accordance with your instructions. UiPath will never access, store, or process in any manner the data that you manipulate with the use of UiPath Robots and will not allow for the Robots to be used outside the user's instructions. UiPath’s use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

    You can see the full UiPath Privacy Policy for more information.

  • Connection Data Store Location - A dropdown list that specifies where the TokenResponse gets stored. The available property values are Local disk, Orchestrator, or Never store. This property is only applicable if the selected Authentication Type is OAuthClientID.

  • Connection Orchestrator Folder Path - The Orchestrator folder where the operations occur. Leave empty if Modern folders are not enabled. For more information, see About Folders in the Orchestrator Guide.

  • User - The identifier assigned to an authorized user. A unique response token is generated for each identifier that can be stored for future use. This property supports String variables and string formatted values. This property is only applicable if the selected Authentication Type is OAuthClientID.
Service Account Key

The property fields below are required only if your Authentication Type value is Service Account Key.

  • Key Type - A dropdown list that specifies the service account type according to the key file. The available property values are JSON or P12. For a P12 service account type, the Password and Service Account Email properties are required.
  • Service Account Email - The auto-generated email address for the service account. This property supports String variables and string formatted values and is required only if your Key Type value is P12.
  • User Email - If Has Domain Wide Access is selected, the service account impersonates a user from the domain; use this field to enter the impersonated user's email address.
  • Has Domain Wide Access - If selected, the activity grants domain-wide access to the service account. Boolean value.
  • Key Path - The path to the service account key file. This property supports String variables and string formatted values. The creation of a service account on the Google Cloud Platform generates a key file for download.
  • Password - The password for the service account. This property supports String variables and string formatted values and is required only if your Key Type value is P12.
  • Key Orchestrator Storage Bucket - The storage bucket used to retrieve the credentials specified by Key Path. If a Storage Bucket is selected, the Key Path field must specify the file path in the selected Storage Bucket. If a Storage Bucket is not set, the Key Path uses a local storage. If you select the Full Path input mode, you can enter the storage bucket's path as a string or use a variable.
    Note: With this option, you can use Service Account Key authentication in unattended mode much easier. You no longer need to add the P12 or JSON file in the project folder.
API Key

The property field below is required only if your Authentication Type value is ApiKey.

  • Api Key - The account API key. You may only use the API key with the Google Sheets activities. This property supports String variables and string formatted values. If you want to use the Google Mail, Google Calendar, and/or Google Drive activities, you must select a different Authentication Type value.

Common

  • ContinueOnError - If set, the remaining activities are executed if the current activity fails.
  • TimeoutMS - If set, the activity times out with an exception after the set number of milliseconds.

Use of the software developed and provided by UiPath in connection with any Google software is subject to the UiPath Open Platform Activity License Agreement. Google software and services used in conjunction with the UiPath software may be accessed and used in accordance with Google Terms and any other applicable agreements, policies or guidelines as made available by Google.

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.