15 Feb 2023
Working on my Calendar script in Pyton Calendee, I was faced with the token expiring every 3-4 hours, thus requiring a new manual authentication with consent screen to generate a new token.
It appears having an "always-on" token is not as simple as it should be.
Solution here was to:
- create Service account & download Service key as '.json' file, as per:
Google Calendar API in Your Application without Oauth Consent Screen
medium.com
- apply Domain Wide Delegation to the Service account, as per:
Control API access with domain-wide delegation - Google Workspace Admin Help
google.com
- use following code:
from google.oauth2 import service_account
SCOPES = ['https://www.googleapis.com/auth/calendar']
credentials = service_account.Credentials.from_service_account_file(token, scopes=SCOPES)
creds = credentials.with_subject(calendar_id)
service = build('calendar', 'v3', credentials=creds)
where token is the path to the Service key file, and calendar_id is the email address of the Google Calendar.