I wrote a Google Apps Script that implements spreadsheet add-on functionality. I and everyone in my organization can test it (via Run > Test as add-on). Now I want to allow one specific person outside of my organization to be able to test it as well, without having to publish it.
As far as I understand it from the information I found so far, there are only three permission schemes for scripts: private for me, private for my organization, public for everyone. Is that correct or is there a way to grant access to specific persons?
That person has a Google account, just outside of my organization, and has access to both the App Script and the spreadsheet.
The permission schemes you're mentioning (private for me, private for my organization, public for everyone) it's the Add-on visibility [1], which only applies for published Add-ons. You or any user with at least read permission on the Add-on's script and Spreadsheet can test the Add-on without having to publish it following these steps from the documentation [2]:
1) Open the add-on's script project in the Apps Script editor.
2) Select Publish > Deploy from manifest... to open the Deployments dialog.
3) In the Latest Version (Head) row, click Install add-on to install the currently saved version of the add-on in development-mode. If you install the Latest Version (Head) of the add-on, any changes you make to the add-on code are applied immediately without you needing to reinstall it.
4) Alternatively, you can create a versioned deployment and install that instead. This can be helpful if you want to 'checkpoint' a version of the add-on to compare it to the version under development.
[1] https://developers.google.com/gsuite/add-ons/how-tos/editor-publish-overview#visibility
[2] https://developers.google.com/gsuite/add-ons/how-tos/testing-gsuite-addons
Thanks! For me it works if I try it with my non-organizational Google account. Just wondering how one picks a particular deployment to test and how it interacts with other deployments. Some day ago I tried "Deploy as add-on" and created an according project in GSuite, and then the other guy always got the error
org_internal: This client is restricted to users within its organization.
Now I deleted that project and he gets the errordeleted_client: The OAuth client was deleted.
So it seems he accesses the add-on deployment and not the manifest deployment? I'm a bit lost, sorry.Yes exactly you have to use the "Deploy from manifest" option. If you use "Deploy as add-on" you'll only have the 3 visibility options you talked about: private for me, private for my organization, public for everyone.
Thanks a lot! It finally starts to make sense.