I created an app in the Google Cloud console with an OAuth 2.0 client.
Can I programmatically update the list of allowed redirect URIs to allow different subdomains? (a.example.com, b.example.com, etc.)
The only way I was able to do it was via the GUI at https://console.cloud.google.com/apis/credentials which is not scalable.
I was looking for this same thing.
All I could find was this, but it is only for Identity Aware Proxy
https://cloud.google.com/sdk/gcloud/reference/iap/oauth-clients/create
Related
We have a custom built web app backed by a REST API. We already have existing user accounts that are created via our system. We've just recently integrated Domo to do reporting and they recommend Okta.
Is it possible to get have users sign in on our site and in the background also sign them into Okta via an API call/OAUTH request etc?
Yes it is. The methods are available via the API, and I just created app that demos exactly this in Python. Check out http://developer.okta.com/docs/api/resources/authn.html for links to test stuff in Postman. My basic approach was to have Okta be the system of record, but it can certainly be the other way :)
I'm trying to write a CLI script (ruby) to manage my youtube videos. Technically I'm updating a script that I used in 2012 to do this. It appears that since 2012, youtube has discontinued the simple client authentication mechanism and moved to OAUTH2 (though I'm not totally sure).
I'm wouldn't be the first to say that OAUTH2 is hell (just google it). It's been 3 hours and I still haven't gotten my old script to even authenticate with google (using the youtube_it ruby gem).
I simply do not understand why I would need to use OAUTH to access my own account on Google? What am I missing? I thought OAUTH was so that separate users could give access to applications to temporarily access their data.
Is there another way? What am I missing. As one blogger commented OAUTH2 is enough to make one want to change careers. Even the lead dev quit the project.
The Youtube API docs is specific in stating that if you're going to use Youtube API (or other Google APIs), you must learn how to use OAuth:
If your application will use any API methods that require user
authorization, read the authentication guide to learn how to implement
OAuth 2.0 authorization.
Youtube has a Ruby Quickstart sample which includes the OAuth process.
I simply do not understand why I would need to use OAUTH to access my own account on Google?
I think OAuth answers exactly that question, "how will Google products know if you are who you claim to be?"
Read the OAuth Google guide for more info.
OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and google. It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account. OAuth 2 provides authorization flows for web and desktop applications, and mobile devices.
for more detail study :-
https://www.rfc-editor.org/rfc/rfc6749
I would like to configure the Google API services programmatically instead of having to go through the API Console. For example, I would like to be able to the following types of things programmatically:
Create OAuth and API Key credentials; this would include generating
the client id\secret, setting the redirect uri, downloading the
client_secrets.json file, etc.
Get the list of projects for a user
Enable\disable services for a specified project
Does Google provide any APIs for configuring services so that I don't have to use the API Console's GUI? All of the documentation I have seen has indicated that the only way to do this is through the API Console’s GUI.
You can use the Cloud Resource Manager API to get the list of projects for a user. Unfortunately, public APIs don't exist for the other things at this time.
We have a Windows 7 Task Tray application that needs to access services in our Google App Engine application, and we are having difficulty making the OAuth connection between them work. For some reason our OAuth libraries that work with the Twitter and Tumblr OAuth implementations do not seem to work in this scenario with Google. Google is returning a 400 bad request response to the last step in the OAuth authorization sequence.
To debug the problem I am trying to use Google's OAuth 1.0 Playground page (http://googlecodesamples.com/oauth_playground/index.php). But I can't figure out what should be entered for the "scope" in step 1. If I enter the name of our GAE server the sequence will fail with the error message "Invalid scope". Clearly, choosing one of the provided scopes (the Google API services) is not an option for us.
Can anybody tell me how the OAuth scope designation should be set when accessing Google App Engine hosted services?
just for reference look at this blog,looks helpful in your case
http://ikaisays.com/2011/05/26/setting-up-an-oauth-provider-on-google-app-engine/
I think this Google Official Docs explains best how to set up an endpoint to your own appengine application. You question isn't very specific, but take note of the following that is being written in this document:
The scope of an authorization, how much the consumer is allowed to access, is for all of a single app. App Engine only supports whole-app scopes, and does not support more granular scope requests. When Google Accounts prompts the user to authorize a consumer, the prompt explains that the consumer is requesting permission to access the full app.
And did you set up OAuth on your domain?
The consumer performs OAuth actions using a set of standard web service endpoints. These endpoints use reserved paths on your app's domain. For example, if your app uses a Google Apps domain of www.example.com, the endpoints for the OAuth protocol begin as follows:
https://www.example.com/_ah/OAuth...
I'm currently writing a web application, which should access user facebook data.
The problem is, that many users access via proxy (all facebook urls are blocked) and therefore it's not possible to use the default oauth mechanism provided by facebook. Any ideas?
Best Regards
Markus
The user must be able to access facebook's servers to authenticate your app.