0

Reviewing various SO posts (such as this) regarding quotas, the circumstances are so varied that I'm unclear how they apply to the webapp I'm working with. Here are features of this webapp that may bear on quotas:

  1. Web app is in a "consumer--@gmail.com" account.
  2. Web app runs under the user, with access by any Gmail user.
  3. Permissions for the webapp project are: userinfo.email; script.external_request; and script.send_mail.
  4. Read/writes to Google spreadsheets are performed by a project service account via UrlFetchApp executions, where the spreadsheets are shared with the service account.
  5. Permissions for the service account are: spreadsheets and script.external_request.

The quotas of concern are those that apply to the webapp project and its service account, not those applied to the individual users.

For example, if limit of 30 simultaneous executions applies to the service account, then this could be a big problem as there certainly can be more than 30 users concurrently launching executions (including UrlFetch performed by the service account). Or do the quotas apply separately to each "instance" of the service account for each user?

So, the basic question: Which quotas are going to apply to the project or to the cumulative actions of its service account on behalf of all users?

MORE SPECIFICALLY

With webapp executed as user and access by any Gmail account, is execution of the following code allocated (under Google Service quota policies) to the user's quotas or to the webapp project/service account quotas?

 var clientToken = //Service account's oAuth authentication token
 var urlSheet = `https://docs.google.com/spreadsheets/d/${ssID}/gviz/tq?tqx=out:json&gid=${sheetId}&tq=${encodeURI(query)}`;

 var res = UrlFetchApp.fetch(urlSheet, {"method": "get", headers: {authorization: "Bearer " + clientToken}}).getContentText();

Thanks for any clarifications about this.

DougMS
  • 45
  • 5
  • I have to apologize for my poor Engish skill. Can I ask you about your current setting of your Web Apps? Can I ask you about the setting of `Execute as:` and `Who has access to the app:`? – Tanaike Mar 21 '22 at 00:26
  • @Tanaike Thank you again for replying. #2 in my question meant to specify that: Execute as user and access by any Gmail user. – DougMS Mar 21 '22 at 03:06
  • Thank you for replying. I have to apologize for my poor English skill, again. Unfortunately, I cannot still understand your reply. But I would like to try to understand it. When I could correctly understand it, I would like to think of the solution. I would be grateful if you can forgive my poor English skill. – Tanaike Mar 21 '22 at 05:12
  • @Tanaike Thank you for your readiness to assist. Your expertise is a tremendous help. Please see the narrower focus I've added along with small code block under the MORE SPECIFICALLY heading in this question. I hope it is clearer. – DougMS Mar 21 '22 at 17:41
  • Thank you for replying. I cannot still understand your Web Apps setting. So I cannot think of your current situation. So, have to ask the same question again. Can I ask you about the values of `Execute as:` and `Who has access to the app:` in your deployed Web Apps? I apologize for this. – Tanaike Mar 22 '22 at 01:15
  • @Tanaike The webapp is configured to: Execute as: "User Accessing the Web App". Who has access to the app: "Anyone with Google account." (not Anonymous). – DougMS Mar 22 '22 at 02:24
  • Thank you for replying. In your situation, your Web Apps is deployed as `Execute as: User accessing the web app` and `Who has access to the app: Anyone with Google account`. And your current script is your showing script, and you want to access to the Web Apps using the service account. Is my understanding correct? If my understanding is correct, can you provide the scripts of your Web Apps and your client side? – Tanaike Mar 22 '22 at 02:29
  • @Tanaike Please see the simplified code and statement of my question above under the 'MORE SPECIFICALLY' heading. The client-side interfaces are html forms in the webapp's html files. Is a UrlFetchApp execution with service client authentication attributed to the quota for the user or is it attributed to the quota for the webapp project? My expectation is that it is attributed to the user when the webapp is executed as the user. Thank you. – DougMS Mar 22 '22 at 13:29
  • So, just to be clear, the only part that is consuming the service account is as a token when making the calls? From what I understand, `UrlFetchApp` also will fall into the user execution. – Emel Apr 05 '22 at 08:03
  • @Emel thank you for looking at this. UrlFetchApp connects (read/writes) to the project spreadsheets with authorization under the service account token, where the spreadsheets are shared to the service account's Gmail address. The webapp executes as the user, which gives the script access to the authenticated user Gmail address. The only permissions granted by the user are for userinfo.email, script.send_email, and script.external_request (i.e., for the fetch functions). Your understanding is that all these script functions fall to the user's quotas? Thanks again. – DougMS Apr 06 '22 at 16:05
  • I think all the information you need is inside this [answer](https://stackoverflow.com/a/60003093/14271633). `Apps Script quota apply per user invoking a service.` – Emel Apr 07 '22 at 08:44
  • @Emel Thank you again. I will expect that the quotas apply to the service account not the user, so 20,000 URL fetch calls/day as the standard quota. The answer you refer to remains ambiguous for me, however, because it is not clear whether the questioner (who comments that his testing shows the quota applies to the user of that app) is using a service account for the calls. – DougMS Apr 07 '22 at 17:42
  • @Emel If you wish to enter your last comment as an answer, I will flag it as accepted answer. Thanks again. – DougMS Apr 07 '22 at 17:45

1 Answers1

1

As mentioned here, UrlFetchApp calls will be counted against the service account making the call, as this is the one being used to make them.

All other services, such as using SpreadsheetApp or any other service offered by Google Apps Script, will be counted against the account of the user running the script: Apps Script quota apply per user invoking a service..

Emel
  • 2,283
  • 1
  • 7
  • 18