Articles avec le tag :
Fermer
Changelog
Fermer
Essayer dans le cloud
Essayer dans le cloud

How ONLYOFFICE handles Google user data

Application

ONLYOFFICE portals interact with Google by making requests to the official Google API using the OAuth 2.0 authorization protocol. To work in accordance with this protocol, the ONLYOFFICE application (api-project-948651087073) was created in the Google API Console. The following services were connected to it: Google Drive API, People API, Contacts API.

Authorization keys with the redirect URL https://service.onlyoffice.com/oauth2.aspx were generated for the ONLYOFFICE application. When a user wants to sign in to ONLYOFFICE with Google, the authorization code is requested and the current user’s page address is transferred to the "state" parameter.

After redirection to the Google API, the https://service.onlyoffice.com/oauth2.aspx URL automatically redirects to the page specified in the "state" parameter. This is necessary due to the fact that all the addresses and domains the ONLYOFFICE application will use are not known in advance.

Handling Google user data within ONLYOFFICE portals

  1. Login
    1. For the authorization on the ONLYOFFICE portal under the existing user profile with Google, a correspondence is set between user’s Google and ONLYOFFICE accounts.

      On the ONLYOFFICE user profile page, there is a Login via Social Networks section with the corresponding Google button:

      How ONLYOFFICE handles Google user data How ONLYOFFICE handles Google user data

      When clicking this button, a Google page that provides ONLYOFFICE application with access to the data opens with the following scope:

      With the specified scope, ONLYOFFICE application can get access to:

      • see your personal info, including any personal info you've made publicly available,
      • view your email address.

      This action is performed using the people.get request. The ONLYOFFICE database stores the correspondence between the user identifier and email address in Google and the user profile identifier in ONLYOFFICE.

    2. On the authorization page of ONLYOFFICE portals, there is a corresponding button to sign in with Google:
      How ONLYOFFICE handles Google user data How ONLYOFFICE handles Google user data

      When clicking this button, a Google page that provides ONLYOFFICE application with access to the data opens with the following scope:

      With the specified scope, ONLYOFFICE application can get access to:

      • see your personal info, including any personal info you've made publicly available,
      • view your email address

      This action is performed using the people.get request. The ONLYOFFICE database is searching for the correspondence between the user identifier and email address in Google and the user profile identifier in ONLYOFFICE. If such a correspondence is found, authentication is performed under the appropriate ONLYOFFICE user profile.

    3. On the sign in page on the ONLYOFFICE website, there is a corresponding button to sign in with Google:
      How ONLYOFFICE handles Google user data How ONLYOFFICE handles Google user data

      When clicking this button, a Google page that provides ONLYOFFICE application with access to the data opens with the following scope:

      With the specified scope, ONLYOFFICE application can get access to:

      • see your personal info, including any personal info you've made publicly available,
      • view your email address

      This action is performed using the people.get request. The ONLYOFFICE database is searching through all the portals for the correspondence between the user identifier and email address in Google and the user profile identifier in ONLYOFFICE. If such a correspondence is found, authentication is performed on the corresponding ONLYOFFICE portal under the corresponding ONLYOFFICE profile.

    4. In the Login section of ONLYOFFICE Personal, there is a corresponding button to sign in with Google:
      How ONLYOFFICE handles Google user data How ONLYOFFICE handles Google user data

      When clicking this button, a Google page that provides ONLYOFFICE application with access to the data opens with the following scope:

      With the specified scope, ONLYOFFICE application can get access to:

      • see your personal info, including any personal info you've made publicly available,
      • view your email address

      This action is performed using the people.get request. The ONLYOFFICE database is searching for the correspondence between the user identifier and email address in Google and the user profile identifier in ONLYOFFICE. If such a correspondence is found, authentication is performed under the appropriate ONLYOFFICE user profile.

      If such a correspondence is not found, a new profile is created with the Google user name and email address. The ONLYOFFICE database stores the correspondence between the user identifier and email address in Google and the user profile identifier in ONLYOFFICE.

  2. User import

    You are able to add several user profiles at once to your ONLYOFFICE portal importing contacts from Google.

    Quick tip: learn how to do it in this article.

    In the People module, there is the Import People option with the corresponding button to select Google as a source you would like to use the contact information from:

    How ONLYOFFICE handles Google user data How ONLYOFFICE handles Google user data

    When clicking this button, a Google page that provides ONLYOFFICE application with access to the data opens with the following scope: https://www.googleapis.com/auth/contacts.readonly. With the specified scope, ONLYOFFICE application can get access to:

    • see and download your contacts.

    This action is performed using the Retrieving all contacts request. ONLYOFFICE creates new user profiles on the portal using names and email addresses of your Google contacts.

  3. Google Drive

    You are able to synchronize your Google Drive account with the Documents module to manage and edit your documents stored in Google Drive within ONLYOFFICE portals using ONLYOFFICE editors.

    Quick tip: learn how to do it in this article.

    In the Documents module, there is the Add account caption with the corresponding button to select Google Drive:

    How ONLYOFFICE handles Google user data How ONLYOFFICE handles Google user data

    When clicking this button, a Google page that provides ONLYOFFICE application with access to the data opens with the following scope: https://www.googleapis.com/auth/drive.

    With the specified scope, ONLYOFFICE application can get access to:

    • see, edit, create, and delete all of your Google Drive files.

    The ONLYOFFICE database stores only the received authorization key needed to perform further requests. Actions are performed via Google APIs Client Library.

    The following methods are used:

    • get the file list,
    • create a file,
    • delete a file,
    • update, rename and move a file,
    • copy a file,
    • get the maximum file size for uploading.

Other cases of using Google user data in ONLYOFFICE

Users can open and edit documents with ONLYOFFICE online editors right within their Google Drive using ONLYOFFICE Personal app. For that purpose, the ONLYOFFICE Personal (api-project-438840568076) application was created.

With the Google Drive account being launched, a user is able to connect the ONLYOFFICE Personal application by clicking the New button (New -> More -> Connect more apps), or via the file context menu (Open with -> Connect more apps):

How ONLYOFFICE handles Google user data How ONLYOFFICE handles Google user data

Once ONLYOFFICE Personal application is connected to Google Drive, the corresponding file creation option will be added to the list (New -> More -> ONLYOFFICE Personal):

How ONLYOFFICE handles Google user data How ONLYOFFICE handles Google user data

The new option will be also added to the file context menu (Open with -> ONLYOFFICE Personal):

How ONLYOFFICE handles Google user data How ONLYOFFICE handles Google user data

The corresponding option will be available for the following list of formats:

  • docx, pptx, xlsx, ppsx files will be opened with ONLYOFFICE Personal by default by clicking the file name;
  • ppt, pps, odp, doc, odt, rtf, mht, html, htm, fb2, epub, txt, pdf, djvu, xps, xls, csv, ods, fods, fodt, pptm, potx, potm, pot, xlsm, xlt, xltx, xltm, docm, dotx, dotm, ots, otp, ott files will be opened with ONLYOFFICE Personal via the context menu.

When performing both actions (create a new file and open the existing file with ONLYOFFICE Personal application), a Google page that provides ONLYOFFICE application with access to the data opens with the following scope:

With the specified scope, ONLYOFFICE application can get access to:

  • view, create, edit and delete all files on Google Drive,
  • see your personal info, including any personal info you've made publicly available,
  • view your email address.

The ONLYOFFICE Personal application requests user data using the people.get request. The ONLYOFFICE Personal database is searching for the correspondence between the user identifier and email address in Google and the user profile identifier in ONLYOFFICE. If such a correspondence is found, authentication is performed under the appropriate ONLYOFFICE Personal profile.

If such a correspondence is not found, a new profile is created with the Google user name and email address. The ONLYOFFICE Personal database stores the correspondence between the user identifier and email address in Google and the user profile identifier in ONLYOFFICE. In this case, the ONLYOFFICE database also stores the received authorization key needed to perform further requests to the Drive API. The following methods are used:

  • create a file,
  • download a file,
  • update a file.

Privacy Policy

The following document discloses the manner in which ONLYOFFICE Application requests, uses, and stores your Google user data.

Open the Privacy Policy document

How ONLYOFFICE handles Google user data
Fermer