validate rewarded ad in google ad manager for web - validation

We have a learning app with free content and subscription content.
We would like to give access to the subscription content to the users using rewarded video ads.
I can try those videos using these codes publisher-tag 1 publisher-tag 1 2.
But the question here is, how can I validate that event server-side? I can't just call a function to reward the user without any validation. I'm trying to find information in google but the SSV is only explained for mobile apps (what in my opinion is less important than the web validation)

Related

How to get the get API path and parameters of Google play developer API?

I have added a non-renewable subscription for one of my projects. We also started implementing the Google play developer API to get the subscription latest status from the Play Store. For that we have done the below steps as per this blog:
Linked the developer account to a new Google Cloud Project.
Enabled the Google Play Developer API for the Google Cloud Project.
Created a service account and created a key for the service account.
I have below clarifications related to this implementation:
I tried to Grant Access for the following permissions: But the corresponding checkmark is not clickable.
View financial data, orders, and cancellation survey responses
Manage orders and subscriptions
The 3rd step as per the blog is to Authorize an API key, but I didn't get a clear idea of that.
We are going to implement this API on the back end side as a corn job, do we need to generate a JWT token for accessing this API? Is this possible to call without a Token? I found 2 types of implementations from this blog, which one is easy and secure?
"Your application can complete these tasks either by using the Google APIs client library for your language or by directly interacting with the OAuth 2.0 system using HTTP."
From where we get the get API path and other details. I found a similar get API from AppStore like this. Is the play store providing a similar kind of get API?
We need the latest purchase status API and for that what parameters do we need to pass?

Google OAuth Application Verification without Website

I am using the OAuth Functionality in a local Console Program to request the Videos for my Youtube Channel and upload Videos to Youtube.
For the Example which Google gives OAuth is used to authenticate to be able to retrieve the wanted data. But the Videos I am uploading keep getting put to private because my API Service is not verified.
Now I want to verify my API Service but I dont have a website for it so I can't provide any links for data security information or the main page of it. I mean it is a desktop app which only I am using and which is not meant to be publicly available.
How can I fulfill the verification process without any option to provide this informations?
private videos
If you check the top of the page for Videos: insert you will find that your videos are being uploaded private because your app has not been though a security audit.
app verification
In order to apply for app verification there are a number of urls that you need to supply
You will need to register a domain and claim it in web masters and then you will be able to add them.
If you want to be able to upload public videos via the YouTube Data api your app needs to be verified. In order to verify it you need to be able to show the TOS, privacy policy and the application home page. There is no way around this even if its a desktop app. Even if its single user you still need to do this.
I have a video which shows you what you need to know to verify your app.
What you need to know about Google verification in 2021.

Post reviews to Google Business Profile

I am creating an app that allows users to rate businesses (who are our customers). The businesses would like the user reviews to be cross-posted to their Google Business Profile in addition to appearing as an in-app review in our ecosystem. Does anyone know if there is a way to embed a Google-blessed widget in a mobile app that would allow posting a review to the Google Business Profile?
New reviews can only be created via Google Maps UI or the Google Knowledge Graph UI. The Google Business Profile APIs only support listing and replying to reviews (https://developers.google.com/my-business/reference/rest/v4/accounts.locations.reviews).
So the closest way to get directly to posting a new review would be via this URL pattern:
https://search.google.com/local/writereview?placeid=<PLACE_ID>
e.g.
https://search.google.com/local/writereview?placeid=ChIJj61dQgK6j4AR4GeTYWZsKWw

Overly broad permission ask for google youtube API

I'm using the YouTube API to create a webpage that allows users to view a specific set of YouTube videos, and then LIKE those videos, using YouTube like/dislike rating system, and It's working fine, but when the user triggers the process, after logging into their google account, they are presented with a permission dialog that basically says
"Hey, this site wants complete and total control over your YouTube account!".
I DO NOT want that, I only want the user to be able to rate the videos.
I'm using the PHP Client library to pull the list of videos into the page and display them, and this requires no permissions or interaction from the user. I am also using the JS library to handle the "like" functionality, and it's basically the javascript example from https://developers.google.com/youtube/v3/docs/videos/rate?apix=true, but with my credentials.
Can I change this somewhere, or does YouTube just lump all of it's permissions under one giant "I can do anything" permission group?
I figured it out. It's about the OAuth 2 scopes, which the example lets you change for the DEMO, but it doesn't actually change the code in the sample.
For reference, the list of scopes is here: https://developers.google.com/identity/protocols/googlescopes#youtubev3

Google Calendar API - Designed for?

I would like to implement a Google Calendar API using FullCalendar Javascript.
Before any start of coding I have some problem to understand what is the main purpose of the Google Calendar API.
As you know there is some Auth process before creation and enabling API.
That means that I, as owner or developer want to use Google Calendar API so I get client/secret/keys strings and it is OK.
I can create an app where I can “promote” my Google Account Calendar being public and then I can show all events from that calendar (dentist booking etc).
Also I am able to use Calendar in another way. For example: Within my App I can create one page where users can auth to their google accounts and see their events
are already created.
But, What if my logged users don't have a Google Accounts.
Google Calendar is strongly connected to already created google accounts? Is it possible to use Google Calendar strictly as an REST API?
I know that this may be a stupid questions but this is something that most of Google Calendar API beginners have problem with.
There are technically two ways of accessing a calendar on Google Calendar.
Your first option is where you are using Oauth2 to authenticate your users. They give you access to their google calendar and you can then insert events directly into their calendar. You can also see the events that they currently have. This as you said wont work if the user in question does not have a google account.
Your second option is to use something called a service account. Think of a service account as a dummy user. It has its own Google calendar account minus the web view. You could potentially us that to store events in a global calendar application calendar. Then when you want to add a user to an event you invite them you can set notification no they should receive an email and they will them be able to add the event to their own personal calendar. For you this may work out better because it does not require you to have access to the Users google calendar the only draw back will be there is no way for you to see if said user has any events going on at that time since you don't have access to their account to check.
I have given you a couple of links to some tutorials that I have write a few years ago that explains the difference between oauth2 and service accounts.
Google Calendars are tied to users, which means Google users. First of all, to access the API you need a GoogleAPIs developer key. This requires a Google account. Then you need Google accounts to use or test with the API.
The Google Calendar is tied to a user account as described at https://developers.google.com/google-apps/calendar/concepts/. One thing to notice is that "event" is an atomic unit in the API and a calendar is a set of events. In other words, a calendar in the Calendar API isn't a timespan like we think of "this year's calendar", it's a set of event objects. Within the app you describe, if the users don't have google accounts then they don't have associated calendars. You would have to tie these users to some kind of public or shared calendar. It's unclear if using the Calendar API solely as a REST API as you describe (without actual or "verified" user accounts) is in accordance with the Terms & Conditions. That aside, in theory it may be possible to use a service like that as a REST API to suit your needs. Maybe you can try inverting the problem so an event becomes the user with a primary calendar. Now the location of the event can be treated as the API-event. Other (normal Google) users can "attend" the location, at the given time, created by this event (=user). You could also apply the same approach to invert the problem by location. Location becomes the user, event becomes the API-event, and attendees are normal users. The latter approach is used commonly in businesses to book resources like rooms, equipment, etc.

Resources