I’m working with the Google Drive API and running into a weird issue when searching for files. I’m using the Files.list endpoint with different owner queries and getting inconsistent results.
When I search using a specific email like '[email protected]' in owners, sometimes I get no results even though I know the user has plenty of documents. But if I switch to using 'me' in owners for the same user, suddenly all their files show up.
I’m using service account authentication (2-legged OAuth) for my app. Has anyone else experienced this behavior? Is there a difference between how the API handles the ‘me’ identifier versus actual email addresses in search queries?
Also, I noticed the official documentation doesn’t really explain when to use ‘me’ as an alias. Is it reliable to use in production, or should I stick with email addresses? Any insights would be helpful.
Yeah, this is normal with service accounts and domain-wide delegation. The ‘me’ keyword works because it grabs the current impersonated user’s context - gives you direct access to their files. But when you query by email, the API runs extra permission checks that can filter results if your service account doesn’t have the right scope or delegation setup. I’ve seen email queries be way more restrictive and sometimes just fail silently when permissions aren’t lined up. For production, I’d still go with email addresses even though they’re more work to set up - you get clearer error messages and more consistent behavior across different users. Just make sure your service account has the right Drive scopes and double-check that domain-wide delegation is properly configured for your target users.
yea, that makes sense. ‘me’ is like a shortcut for the authenticated user, so it gets full visibility. but with email, if the service accnt aint got the right permissions, it won’t see everything. check the domain delegation settings!
I’ve hit this same issue. It’s all about how the API handles ownership context. Using ‘me’ works because it relies on the authenticated session and skips the stricter checks that happen with specific email queries. This usually stems from wonky domain-wide delegation setup or missing scopes on your service account. I’d stick with actual email addresses in production - they’re explicit and won’t break when your context or user count changes. Just make sure your service account has proper domain delegation and the right Drive scopes.