Write to Google Sheets API Using OAuth 2.0 Power Automate for Desktop

Write cell values to spreadsheets. Includes basic logic for handling refresh tokens for repetitive tasks.

SET ClientId TO $''''''
SET ClientSecret TO $''''''
SET SpreadsheetId TO $''''''
SET SpreadsheetRange TO $'''Sheet1!A1:D5'''
SET SpreadsheetData TO $'''{
  \"majorDimension\": \"ROWS\",
  \"values\": [
    [\"Item\", \"Cost\", \"Stocked\", \"Ship Date\"],
    [\"Wheel\", \"$20.50\", \"4\", \"3/1/2016\"],
    [\"Door\", \"$15\", \"2\", \"3/15/2016\"],
    [\"Engine\", \"$100\", \"1\", \"3/20/2016\"],
    [\"Totals\", \"=SUM(B2:B4)\", \"=SUM(C2:C4)\", \"=MAX(D2:D4)\"]
  ],
}'''
SET UseAuthorizationCodeOCR TO $'''False'''
SET ErrorCount TO 0
LABEL RetryAuthorizationRequest
System.GetEnvironmentVariable.GetEnvironmentVariable Name: $'''PAD_GoogleAPIToken''' Value=> AccessToken
ON ERROR

END
IF (AccessToken = '' OR AccessToken = 0) = $'''True''' THEN
    # Request Authorization
    WebAutomation.LaunchEdge.LaunchEdgeNoWait Url: $'''https://accounts.google.com/o/oauth2/auth?client_id=%ClientId%&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=https://www.googleapis.com/auth/spreadsheets&response_type=code''' WindowState: WebAutomation.BrowserWindowState.Normal ClearCache: False ClearCookies: False Timeout: 10
    IF UseAuthorizationCodeOCR = $'''True''' THEN
        WAIT (OCR.WaitForTextOnScreen.TextOnSubregionOfScreenToAppearWithWindowsOcr TextToFind: $'''4\\/''' IsRegex: True WindowsOcrLanguage: OCR.WindowsOcrLanguage.English SearchForTextOn: OCR.SearchTarget.ForegroundWindow ImageWidthMultiplier: 1 ImageHeightMultiplier: 1 Y1: 200 TextLocationX=> LocationOfTextFoundX TextLocationY=> LocationOfTextFoundY) 
                ON ERROR
        
                END
        MouseAndKeyboard.SendMouseClick.ClickAt ClickType: MouseAndKeyboard.MouseClickType.LeftClick MillisecondsDelay: 0 X: LocationOfTextFoundX Y: LocationOfTextFoundY RelativeTo: MouseAndKeyboard.PositionRelativeTo.Screen MovementStyle: MouseAndKeyboard.MovementStyle.Instant
        MouseAndKeyboard.SendKeys.FocusAndSendKeys TextToSend: $'''{Control}({C})
{Alt}({F4})''' DelayBetweenKeystrokes: 100 SendTextAsHardwareKeys: False
        Clipboard.GetText Text=> AuthorizationCode
    ELSE
        Display.InputDialog Title: $'''Insert Authorization Code''' Message: $'''Paste code from web browser''' InputType: Display.InputType.SingleLine IsTopMost: False UserInput=> AuthorizationCode
    END
    # Exchange Authorization Code For Tokens
    Web.InvokeWebService.InvokeWebService Url: $'''https://accounts.google.com/o/oauth2/token''' Method: Web.Method.Post Accept: $'''application/json''' ContentType: $'''application/json''' RequestBody: $'''{
    \"code\": \"%AuthorizationCode%\",
    \"client_id\": \"%ClientId%\",
    \"client_secret\": \"%ClientSecret%\",
    \"redirect_uri\": \"urn:ietf:wg:oauth:2.0:oob\",
    \"grant_type\": \"authorization_code\"
}''' ConnectionTimeout: 30 FollowRedirection: False ClearCookies: False FailOnErrorStatus: False EncodeRequestBody: False UserAgent: $'''Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.21) Gecko/20100312 Firefox/3.6''' Encoding: Web.Encoding.AutoDetect AcceptUntrustedCertificates: False ResponseHeaders=> TokenResponseHeaders Response=> TokenResponse StatusCode=> TokenStatusCode
    IF TokenStatusCode <> 200 THEN
        EXIT Code: 0 ErrorMessage: $'''Could not create access token: %TokenResponse%'''
    END
    Variables.ConvertJsonToCustomObject Json: TokenResponse CustomObject=> TokenResponseObject
    SET AccessToken TO TokenResponseObject['access_token']
    System.SetEnvironmentVariable Name: $'''PAD_GoogleAPIToken''' Value: TokenResponseObject['access_token'] Type: System.EnvironmentVariableType.User
    System.SetEnvironmentVariable Name: $'''PAD_GoogleAPIRefreshToken''' Value: TokenResponseObject['refresh_token'] Type: System.EnvironmentVariableType.User
END
LABEL RetrySheetsRequest
# Send Google Sheets API Request
Web.InvokeWebService.InvokeWebService Url: $'''https://sheets.googleapis.com/v4/spreadsheets/%SpreadsheetId%/values/%SpreadsheetRange%?valueInputOption=USER_ENTERED''' Method: Web.Method.Put Accept: $'''application/json''' ContentType: $'''application/json''' CustomHeaders: $'''Authorization: Bearer %AccessToken%''' RequestBody: SpreadsheetData ConnectionTimeout: 30 FollowRedirection: False ClearCookies: False FailOnErrorStatus: False EncodeRequestBody: False UserAgent: $'''Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.21) Gecko/20100312 Firefox/3.6''' Encoding: Web.Encoding.AutoDetect AcceptUntrustedCertificates: False ResponseHeaders=> SheetsResponseHeaders Response=> SheetsResponse StatusCode=> SheetsStatusCode
IF SheetsStatusCode <> 200 THEN
    # Basic Error Handling
    Variables.IncreaseVariable Value: ErrorCount IncrementValue: 1 IncreasedValue=> ErrorCount
    IF SheetsStatusCode <> 401 THEN
        EXIT Code: 0 ErrorMessage: $'''There was an error with your Sheets query: %SheetsResponse%'''
    END
    IF ErrorCount > 1 THEN
        EXIT Code: 0 ErrorMessage: $'''Too many errors: %SheetsResponse%'''
    END
    # Get Access Token Using Refresh Token
    System.GetEnvironmentVariable.GetEnvironmentVariable Name: $'''PAD_GoogleAPIRefreshToken''' Value=> RefreshToken
    ON ERROR

END
    Web.InvokeWebService.InvokeWebService Url: $'''https://accounts.google.com/o/oauth2/token''' Method: Web.Method.Post Accept: $'''application/json''' ContentType: $'''application/json''' RequestBody: $'''{
    \"grant_type\": \"refresh_token\",
    \"client_id\": \"%ClientId%\",
    \"client_secret\": \"%ClientSecret%\",
    \"refresh_token\": \"%RefreshToken%\"
}''' ConnectionTimeout: 30 FollowRedirection: False ClearCookies: False FailOnErrorStatus: False EncodeRequestBody: False UserAgent: $'''Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.21) Gecko/20100312 Firefox/3.6''' Encoding: Web.Encoding.AutoDetect AcceptUntrustedCertificates: False ResponseHeaders=> TokenResponseHeaders Response=> TokenResponse StatusCode=> TokenStatusCode
    Variables.ConvertJsonToCustomObject Json: TokenResponse CustomObject=> TokenResponseObject
    IF TokenStatusCode <> 200 THEN
        System.SetEnvironmentVariable Name: $'''PAD_GoogleAPIToken''' Value: 0 Type: System.EnvironmentVariableType.User
        GOTO RetryAuthorizationRequest
    END
    SET AccessToken TO TokenResponseObject['access_token']
    System.SetEnvironmentVariable Name: $'''PAD_GoogleAPIToken''' Value: AccessToken Type: System.EnvironmentVariableType.User
    GOTO RetrySheetsRequest
END
# Tested with Power Automate Desktop version 2.15.284.21354

Features

Write data to Google spreadsheets using OAuth 2.0 Desktop app client credentials.
Includes basic refresh token management.
Uses Windows environment user variables for token storage.
Uses Windows OCR (Optical Character Recognition) engine to automatically copy authorization code from the web browser. Can be turned on/off.

How it works

Reading public spreadsheets with an API key is really easy as described in Read Google Sheets API with Power Automate for Desktop.
Writing to private spreadsheets requires significantly more logic, this can be archived with OAuth 2.0 and involves at a high level following steps:

Obtain OAuth 2.0 credentials from the Google API Console.
Obtain an access token from the Google Authorization Server.
Examine scopes of access granted by the user.
Send the access token to an API.
Refresh the access token. [1]

This example uses Invoke Web Service flow actions and OAuth 2.0 tokens to send requests to Google API and Google Sheets API. The token lifetime is 3600 seconds and this means that a Google Sheets API request will fail after an hour. Therefore, when such an error occurs, the access token is updated by using the granted refresh token.

But, also the granted refresh token might no longer work. A refresh token might stop working for one of these reasons:

The user has revoked your app’s access.
The refresh token has not been used for six months.
The user changed passwords and the refresh token contains Gmail scopes.
The user account has exceeded a maximum number of granted (live) refresh tokens.
The user belongs to a Google Cloud Platform organization that has session control policies in effect. [1]

A Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of “Testing” is issued a refresh token expiring in 7 days. [1]

If a refresh token request fails, then the web browser is opened and the user is forced to reauthorize to be able to continue with the flow.

As a bonus, Windows OCR engine can be used to copy authorization code from the web browser to the PAD (UseAuthorizationCodeOCR = True /False). However, this is not 100% reliable, sometimes the engine cannot find the code (for some unknown reason), so this feature is not enabled by default. Instead, the user needs to manually copy the authorization code from the browser to the PAD input dialog. This isn’t a big drawback since authorization codes are less needed, a refresh token should be used if an access token gives an unauthorized response.

How to create OAuth 2.0 Desktop app client credentials and enable Google Sheets API

Register a Google Cloud Account trial.
Navigate to Credentials panel in cloud console.
Select +Create Credentials > OAuth client ID from top menu. Then select option Application Type: Desktop app. By using Desktop app we can avoid the need for a redirect URI (we don’t really need one as we are just going to run this from Power Automate for Desktop).
Go to your developer console and navigate to OAuth consent screen.
Under Test users select +Add users and then add your user.
As the last step, enable Google Sheets API.

Instructions

Line 1: Set Desktop app Client ID (from previous step)
Line 2: Set Desktop app Client secret (from previous step)
Line 3: Set Spreadsheet ID.
⠀⠀If you don’t know how to locate this, open your Google spreadsheet and get it from the url:
⠀⠀https://docs.google.com/spreadsheets/d/spreadsheetId/edit#gid=0
Line 4: (Optional) Replace spreadsheet range Sheet1!A1:D5 with with the sheet and cell values you would like to write to.
Line 5: (Optional) Replace spreadsheet data values.

Notes

ValueInputOption=USER_ENTERED means that cell values will be parsed as if the user typed them into the UI. If you prefer to insert values as-is, then use the value RAW instead.
Access and refresh tokens are stored in Windows environment user variables. Be sure to not expose these variables to anyone.

References

[1]https://developers.google.com/identity/protocols/oauth2

[2]https://developers.google.com/sheets/api/samples/writing

[3]https://developers.google.com/oauthplayground/

[4]https://www.daimto.com/google-authentication-with-curl/

Author

PAG Admin

Also See These Flows

Flow Action

Write to Google Sheets API Using OAuth 2.0 Power Automate for Desktop

Write cell values to spreadsheets. Includes basic logic for handling refresh tokens for repetitive tasks.

PAG Admin

2,748

Flow Action

Find Text From Images Using Google Vision AI and OCR

This walkthrough shows all the steps it takes to analyze text from images with Optical Character Recognition (OCR) using Power Automate Desktop.

PAG Admin

683

Flow Action

Basic Web Scraper Built With Power Automate for Desktop

A functional web scraper with complete flow actions. Showing how to scrape websites, traverse links and download content.

PAG Admin

3,740

Flow Action

Use Power Automate Desktop as a Web Scraper for Excel

Update existing Excel spreadsheet with information pulled from any webpage.

PAG Admin

859

Flow Action

Run Flow From Command Prompt or Windows Task Scheduler

A simple way to run flows from Command Line, Windows Task Scheduler, shortcut keys or by using a URL.

PAG Admin

8,478