Accessing google Calendar API through service account in Flutter

In the Google API docs, it is mentioned that the only way to authorize requests is through OAuth2.0.

However I do not need to access user's calendar, I want to create an event in my calendar and add users as Attendee. I need the invites to go out from xyz.com Since this is an account I'd own, I feel there should be a way to access it though a service account. I understand the best way to do this is to write a backend function that is called by my website front-end.

There is some help here, but it is not clear.

When I am creating an event with Person A and Person B

This is how it is today -

Request Access to event from Person A
Event gets created in Person A's calendar and Person B is added as attendee

This is how I want it to be -

Event gets created in my calendar (owned by a service account)
Person A and Person B are added to it as attendee

CodePudding user response：

If you have a google workspace account, and this is a google workspace calendar you are trying to access. Then you could use a service account.

using service account authorization will not require any user interaction. However service account will need to be configured for domain wide delegation in your google workspace account by a workspace admin. Tip if you check that link swap out the scopes with the scope for google calendar.

Service accounts will not work with standard gmail user google calendar accounts. If this is the case then you should just use Oauth2 and authorize your app once and store the refresh token. your app can then use the refresh token to access your account at a later date.

CodePudding user response：

You can use a service account but it requires exposing your client_is and client_secret in the front end. Using service account is called client_credentials flow. It is typically used on the backend because it is meant for server to server authentication/authorization. It is safe to use client secret on the backend.

In your case you have to use authorization code flow. It is not that taxing. This means that you have to obtain a token for your service account by logging in as yourself, the owner of the service account. Then you can create the event for yourself (you app really) and invite Person A and B.