I’m trying to build a web application where visitors can upload files directly to my personal Google Drive account. The tricky part is I want to control what they can see and download while still allowing unrestricted uploads.
Most tutorials I found focus on accessing other people’s Drive accounts through OAuth, but my situation is different. I own the Drive account and want to:
Let anonymous users upload files to specific folders
Show only certain files for public download
Hide sensitive documents from public view
I’ve spent hours searching for a solution but most Google Drive API examples don’t cover this use case. Has anyone implemented something similar? What’s the best approach to handle authentication when you want public upload access to your own Drive storage?
I built something almost identical for a client portal last year. Skip the direct API calls from your web app - use Google Apps Script as a bridge between your public interface and Drive instead. Here’s what worked: I set up different service account permissions for uploads vs downloads. For uploads, I made a specific folder with write-only permissions through a service account. Apps Script then moves files to the right spots after processing. For downloads, I kept a separate folder structure with publicly accessible files. Authentication gets way simpler this way. Your Apps Script runs with your credentials but deploys as executable by anyone. Just watch your input validation since it’s basically a public endpoint. Way more reliable than managing OAuth flows for anonymous users, and you get better control over what’s exposed.
google forms is da way to go. just set it up for file uploads and link it to drive - files go straight to the folder u choose. so much easier than handling APIs and permissions. once ur good to go, just move files to ur public download folder.
Skip OAuth for anonymous users - just create a service account through Google Cloud Console instead. It’ll act on behalf of your Drive without needing user authentication. Set up two dedicated folders: one write-only for incoming uploads, another read-only for public downloads. I hit the same issues building a document submission system. The trick is using Drive API’s permission management to lock down folder access properly. Create your service account, grab the JSON credentials, then use those in your backend for API calls. For uploads, accept files through your web interface and proxy them to Drive via the service account. This keeps your main Drive secure while giving you the public access you want. Don’t forget file validation and size limits - you’re basically opening a direct pipe to your storage.