Skip to main content
Version: Latest

Google Slides

Proxy for the Google Slides v1 REST API — the entire API surface: create_presentation, get_presentation, get_page, get_page_thumbnail, and batch_update. Dual auth by design, like drive and calendar:

  • idp_passthrough mode for human users who want an agent to read or edit presentations they own. Each request carries the caller's own OAuth grant.
  • google_sa mode (Workspace service account with domain-wide delegation) for headless workflows that read or write shared decks on a fixed identity's behalf.

Overview

Typical uses:

  • An agent reads a deck's structure or renders a slide thumbnail to describe it (get_presentation, get_page, get_page_thumbnail).
  • A generation workflow creates a deck and adds slides / inserts text (create_presentation, then batch_update with createSlide / insertText).

Two upstream-shape notes specific to Slides:

  • No list endpoint. The Slides API can't enumerate presentations; discover presentation IDs via the Google Drive connector (filter on mimeType = 'application/vnd.google-apps.presentation'), then operate on the ID here.
  • Mutations and deletes are batch_update. Adding/deleting slides and page elements (createSlide, deleteObject, insertText) are request objects on batch_update; deleting an entire presentation file is the Drive connector's job.

Default policy

The connector ships policy/slides.rego (package pbac.connectors.identos.google_slides). It enforces:

1. IdP-routing subject obligation

subject_obligations contains obl if {
input.resource.type == "urn:connector:identos:google-slides"
input.connector.upstream_auth.type == "idp_passthrough"
input.subject.idp_provider != "google"
obl := { "type": "require_authn_at", "idp": "google", ... }
}

Same pattern as google-drive/gmail — a caller from a non-Google session gets a step-up obligation before any passthrough Slides call succeeds.

2. blocked_presentation_ids deny (read + write)

A "nuclear" deny: the presentation is off-limits to this connector entirely, reads and writes both blocked. Use it for a sensitive deck the service account can reach but that shouldn't be exposed to LLM-driven workflows.

3. read_only_presentation_ids deny (write only)

Listed presentations allow GET but deny batch_update. Reads still work — useful for agents that should surface but not edit a shared deck.

Supplying operator data

curl -X PUT http://localhost:8080/admin/policy/data/pbac/operator/connectors/identos.google-slides \
-H "X-Admin-API-Key: $PBAC_ADMIN_API_KEY" \
-d '{
"blocked_presentation_ids": ["1AbcSensitiveDeckId"],
"read_only_presentation_ids": ["1XyzSharedDeckId"]
}'

Scope model

ScopeUsed for
PBAC scopes (internal)slides:read, slides:writeRoute authorization
Upstream OAuth scopespresentationsGoogle-side grant the user consents to (idp_passthrough mode); the service-account flow uses the same scope on the SA

See Google Workspace: multi-connector setup for how slides' scopes compose with drive, gmail, and calendar on a single Google IdP.

Manifest reference

  • ID: identos.google-slides
  • Version: 1.0.0
  • Resource type: urn:connector:identos:google-slides

Supported auth modes

TypeDetails
idp_passthroughrequires IdP google
google_sasetup fields: sa_key_env, domain

Setup fields

IDLabelDefaultSecret?Notes
base_urlAPI base URLhttps://slides.googleapis.comno
upstream_auth.typeAuthenticationidp_passthroughnoidp_passthrough forwards each user's own Google OAuth token (recommended). google_sa uses a Workspace service account with domain-wide delegation impersonating a fixed user.
sa_key_envService account keyyesPick a secret containing the service-account JSON. Required only for the google_sa auth mode. / shown when upstream_auth.type == 'google_sa'
domainWorkspace domainnoplaceholder: example.com / Required only for the google_sa auth mode. / shown when upstream_auth.type == 'google_sa'

Scopes

Scope
slides:read
slides:write

Routes

MethodPatternScopeResource template
POST/v1/presentationsslides:write
GET/v1/presentations/{presentation_id}slides:readslides://{{presentation_id}}
GET/v1/presentations/{presentation_id}/pages/{page_object_id}slides:readslides://{{presentation_id}}
GET/v1/presentations/{presentation_id}/pages/{page_object_id}/thumbnailslides:readslides://{{presentation_id}}
POST/v1/presentations/{presentation_id}:batchUpdateslides:writeslides://{{presentation_id}}

MCP tools

NameScopeDescription
create_presentationslides:writeCreate a new presentation. Pass {"title": "..."}. Add slides afterward with batch_update.
get_presentationslides:readGet a presentation's full structure (slides, layouts, masters, page elements).
get_pageslides:readGet a single page (slide) of a presentation by its object ID.
get_page_thumbnailslides:readGet a rendered thumbnail image URL for a single page (slide).
batch_updateslides:writeApply one or more updates (createSlide, deleteObject, insertText, replaceAllText, image/shape ops, …) via Slides Request objects. This is also how you DELETE slides/objects.

Operator data schema

Keys the operator can supply under data.pbac.operator.connectors["identos.google-slides"].* — consumed by the connector's policy.

KeyTypeDescription
blocked_presentation_idsarrayPresentation IDs that are off-limits to this connector — reads and writes both denied.
read_only_presentation_idsarrayPresentation IDs where batch_update is denied regardless of the caller's scope. Reads still work.