We have web application which is using OAuth authentication and authorization. We have created and published google cloud project with some scopes which is used in web application. Now we are developing Google workspace add-on app for web application.
We have implemented API for fetching some user details and display in workspace app. In App Script, we are using UrlFetchApp.fetch() for API call. And User email is fetched from Session.getActiveUser().getEmail() and send as params with API url. In Backend, we return JSON response. It's not related with google details, It is just user details which is stored in DataBase.
I am confused with authentication and authorization. Here are my questions.
- in App Script App, Do we need to develop authentication and authorization for this API call?
- Do we need to create another google cloud project for Workspace Add-on App or can we use already published app for this?
- In our app if user clicks Login with google, we create the user and store the auth_token in our DB. In this case, Do I need to implement separate auth screen for add-on authentication because if I give our app login, It will create user in our DB. How to redirect to add on after authentication? or How to Do it?
- First of all, Do we need authentication for app script addon? because if user login in our application we process and store the auth details.
Currently We Implemented basic app in App Script which is request to our server and displays the details if JSON response contains details or displays the login button. The login button contains redirect url to our app login page.