Login

u/Plus-Quarter-1459

▲ 17 r/GoogleAppsScript+4 crossposts

How is everyone handling the dreaded Authuser=0 (multiple accounts) bug in Apps Script add-ons?

Hey everyone,

I wanted to open a discussion on handling one of the most notorious and frustrating limitations in Google Apps Script add-on development: the multiple accounts Authuser=0 trap.

The Context: My team recently launched a Workspace management add-on. Shortly after launch, we onboarded an enterprise client who left a great review but immediately reported a frustrating "nitpick": he's logged into multiple Google Workspace accounts, while he's accessing the add-on with his second logged account, the sidebar of our add-on was selecting the default account of their browser rather than the account actually linked to the active spreadsheet.

After consulting with my lead dev, we realised we were dealing with a platform-level infrastructure issue, and not a bug in our code.

The Trap: As most of you know, when a user is juggling multiple Google accounts in one Chrome window (e.g., u/0/, u/1/), Google Apps Script's HtmlService often gets completely confused by the session cookies. If they open the sheet with a secondary account, the underlying iframe still forces the add-on to authenticate using the Default account (authuser=0).

The result is massive user confusion, as the sidebar displays data or permissions for the completely wrong account.

No Workaround Found: We searched high and low but couldn't find a native programmatic patch to force the iframe to respect the active document's user context. So we advised the client to perform their admin operations inside a dedicated Chrome Profile or an Incognito window.

My Questions for the Community: Since we want to provide the smoothest UX possible, I’m curious how other devs here are tackling this:

  1. The "Holy Grail" Fix: Has anyone found a reliable native workaround, undocumented parameter, or JS hack to force HtmlService to respect the active authuser index?
  2. User Experience (UX): Do you preemptively warn users about this in your UI/onboarding flow, or do you just document it in your FAQs and wait for the support tickets to roll in?
  3. Google's Roadmap: Has anyone who talks to Googlers heard any whispers on whether this is ever getting patched at the infrastructure level?

Would love to hear your thoughts, workarounds, and war stories regarding this bug!

reddit.com
u/Plus-Quarter-1459 — 4 days ago
▲ 3 r/googleworkspace+1 crossposts

How are you handling the Apps Script 6-minute execution limit for bulk Work

Hey everyone,

I wanted to open a discussion on handling one of the most notorious bottlenecks in Apps Script development: the 6-minute execution wall (and the dreaded “Resource Exhausted” errors).

The Context:

My team recently built and launched a sheet-based Workspace management add-on called AdminSheet Pro. Our biggest technical hurdle wasn’t the Directory API logic itself, but dealing with massive enterprise and Higher-Ed domains. When you are trying to bulk update 10,000+ users or migrate massive nested groups, hitting that 6-minute wall is almost guaranteed.

We noticed that a lot of other sheet-based tools in the ecosystem just slap a warning label on their UI saying something like:  “Organizations with 10k+ users may experience timeouts due to Apps Script runtime limits.” We felt that defeated the purpose of building a “bulk” tool, so we decided to try and engineer a native workaround.

Our Approach: “Intelligent Pacing”

Instead of trying to brute-force the API or migrating the entire execution engine off Apps Script to GCP, we engineered a state-management architecture we call Intelligent Pacing.

Essentially:

  1. We track row-level execution state continuously.
  2. We anticipate the execution wall around the 5.5-minute mark.
  3. We gracefully pause the script, save the state, and use triggers to spin up the next batch seamlessly in the background.

We made a conscious design choice to prioritise guaranteed completion over raw speed. It might take a little longer to run safely, but it doesn’t crash halfway through. We also had to build real-time, row-by-row visual feedback in the Sheet to prevent “terminal anxiety”—so admins wouldn’t panic and kill the script while it was processing in the background.

My Questions for the Community:

Since we are always looking to optimise, I’m curious how other devs here are tackling this:

  1. Architecture: Are you using a similar trigger-based batching system to stay within Apps Script, or have you offloaded the heavy lifting entirely to Cloud Run/Cloud Functions?
  2. UX: How do you handle user UX when background tasks take 15+ minutes? How do you keep the user informed without exceeding quota limits on UI updates?
  3. Batching: Have you found a “sweet spot” for API batching sizes to maximise throughput before you hit that 6-minute mark?

Would love to hear your thoughts and strategies!

reddit.com
u/Plus-Quarter-1459 — 11 days ago
▲ 7 r/SysAdminBlogs+3 crossposts

We recently hit a massive milestone with our Google Workspace Extension: 5,000+ installs in just 9 days after launch.

While our dev team spent months perfecting our "Intelligent Pacing" engine to solve those dreaded "Resource Exhausted" errors, the real "final boss" wasn't the code; it was the Google Marketplace Verification Process.

As first-timers ourselves, we found that this process can feel like a black box that takes anywhere from 2 to 4 weeks to navigate. We aren't "pros" providing tips as "experienced app developers"; this was our first time publishing an extension to the Google Workspace Marketplace. In this post, we are simply sharing what we learned on this journey to help other beginners find their way. One shortcut we discovered is that Time spent watching the expert videos on the Google Developers YouTube channel is time saved in the queue.

If you are just starting, I highly recommend watching these two videos from Google employees. If you follow their advice to the letter, it can help cut your total processing period in half. The hour you spend watching these is the best investment you'll make in your launch:

  1. Chanel Greco (Developer Advocate): How to publish to the Google Workspace Marketplace
  2. Joe Romeo (Solutions Architect): Beyond the Build: Navigating the Review Process

Based on our journey, here are the three major hurdles you need to prepare for.

Phase 1: OAuth Verification (The Security Battle)

This is where Google audits your technical "permissions." The goal is to prove you aren't asking for more data than you actually need.

Lesson 1: The Power of currentonly

Early on, we wanted the broad spreadsheets scope. It was easier for development. But Google (and security-conscious admins) hate broad access. We made the strategic choice to downgrade to spreadsheets.currentonly.

  • Key Takeaway: This tells the user (and Google) that your app can only see the sheet they currently have open—not their entire corporate Drive. This "Privacy-First" move was a massive conversion driver for us.

Lesson 2: The "Ghost Scope" Mismatch (Profile Scope)

We spent days fighting a specific battle: the userinfo.profile scope. Google Cloud was automatically adding it to our OAuth consent screen, even though it wasn't listed in our Apps Script code. Every time we deleted it from the GCP Console, it reappeared. This created a critical mismatch: the scopes shown to the user didn't match the scopes defined in our appsscript.json manifest.

  • Key Takeaway: If a scope keeps reappearing in GCP, stop trying to delete it. Google's backend often implicitly requires the profile scope for identity services. The solution is to explicitly add it to your Apps Script manifest. Once we matched the manifest to what GCP was forcing, the verification team finally gave us the green light.

Lesson 3: Documentation is a Video Task

For sensitive administrative scopes (like Directory API access), a written explanation isn't enough. We had to provide a detailed walkthrough video showing exactly which button in our UI triggered which scope.

  • Key Takeaway: Don't just tell Google what your code does; show them the user's experience. Transparency speeds up approval.

Phase 2: Branding Verification (The Trust Battle)

Once your code is verified, Google’s marketing team steps in. They want to ensure your app looks and feels like a native, professional part of the ecosystem.

Lesson 4: The "Trust Gap" is Real

Initially, our Marketplace listing pointed to our corporate site, but our product was named AdminSheet Pro. Google's branding team noticed the inconsistency.

  • Key Takeaway: Ensure your Marketplace listing, Terms of Service, Privacy Policy, and Support site all share the same branding. If a user clicks your site and doesn't see your app's name immediately, they will uninstall. We had to align everything under theproduct name identity to bridge that gap.

Lesson 5: Trademarks and Icons Matter

Google has strict rules about how you use its name and brands. You can't be "Google AdminSheet." You are "AdminSheet Pro for Google Workspace™." The ™ matters more than we had anticipated.

  • Key Takeaway: Follow the specs for icons (transparent backgrounds, no excessive text) and trademark usage exactly. If your branding looks "off," the algorithm won't promote you to the "Top Charts." And make sure you have the ™ on all mentions of Google's brands.

Final Advice

Passing verification is not only a badge of honour, but it is also the only way to go live on the Google Marketplace. All the best with your build. It’s a steep climb, but the view from the "Approved" list is worth it.

u/Plus-Quarter-1459 — 19 days ago