For the context: I am building a React App that allows users to upload an MP3 file and an image. Both these files get rendered to an MP4 file through FFmpeg on the client side (in React). I then want to let the user upload the result to YouTube.
So technically everything executed on the YouTube API comes from the user and isn't made through any server. How would I go about uploading the video without having an API Key, just having an OAuth 2.0 object from the user that signed in and that wants to upload the processed video to their channel?
The main problem is that generally a YouTube user has a quota of 50 uploads per day that can be made use of but if I follow YouTube's docs I'd have to upload the videos through a Google Cloud Project Client (which gives me an API Key) and said client would have a predefined quota for all requests (which is about 2 videos per day). Now that's not what I want, through using a client my entire app would only have 2 uploads per day and not 50 uploads per day per user.
Does anyone have experience with such a problem or an idea on how I could work this out?
How would I go about uploading the video without having an API Key, just having an OAuth 2.0 object from the user that signed in and that wants to upload the processed video to their channel?
Uploading or inserting videos in to YouTube requires that you be authorized. What you do is send an authorization header with a bearer token as shown below.
curl --request POST \
'https://youtube.googleapis.com/youtube/v3/videos \
--header 'Authorization: Bearer [YOUR_ACCESS_TOKEN]' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{}' \
--compressed
The main problem is that generally a YouTube user has a quota of 50 uploads per day
This is actually a hard limit imposed by YouTube itself it is not related to the api you are using. No one can upload more than 50 videos a day.
if I follow YouTube's docs I'd have to upload the videos through a Google Cloud Project Client (which gives me an API Key) and said client would have a predefined quota for all requests (which is about 2 videos per day).
Im not sure where you read this can i have a link to that doc?
First off api keys are used when accessing public data, for example public videos stored on youtube. you could do a video.search with an api key you dont need an access token. What it does is identify your project to google so it knows which project to deduct the quota from. But an access token does exactly that so you dont need both. In your case inserting a video you dont need an api key for that.
To be clear an api key should not give you access to insert a video as it can only access public things. IT cant upload to a privet user account with out permission and an api key has no permission.
Related
I have developed an app for a company that generates personalized videos and needs to publish them to Youtube. Everything works fine except I can't publish videos to youtube do to the following rules loop:
If your app is not validated (by google for authentication) it can't upload videos to youtube.
If you app is not public it can't be validated.
How can I exit the loop and publish the videos?
Note: the app needs to publish the videos to an account that is a #gmail account.
Thanks
You may have miss understood something if you check the documentation for Video.insert at the top you will see the following
All videos uploaded via the videos.insert endpoint from unverified API projects created after 28 July 2020 will be restricted to private viewing mode. To lift this restriction, each API project must undergo an audit to verify compliance with the Terms of Service. Please see the API Revision History for more details.
So you can upload videos to YouTube without your app being verified. They will just be uploaded as private.
After consulting with my contact at google. They cleared something up for us.
There is apparently a difference between OAuth verification and the YouTube compliance audit. I assumed they were the same thing.
OAuth verification (requested through Google Cloud Console) This verifies your Oauth2 consent screen.
Compliance Audit (requested through YouTube API form) this will give you the ability to post public videos.
So the team is correct you don't need to Oauth2 verify your app as it is used for internal project. You do however need to go though the YouTube compliance audit which you need to do even if its an internal app.
I am using the OAuth Functionality in a local Console Program to request the Videos for my Youtube Channel and upload Videos to Youtube.
For the Example which Google gives OAuth is used to authenticate to be able to retrieve the wanted data. But the Videos I am uploading keep getting put to private because my API Service is not verified.
Now I want to verify my API Service but I dont have a website for it so I can't provide any links for data security information or the main page of it. I mean it is a desktop app which only I am using and which is not meant to be publicly available.
How can I fulfill the verification process without any option to provide this informations?
private videos
If you check the top of the page for Videos: insert you will find that your videos are being uploaded private because your app has not been though a security audit.
app verification
In order to apply for app verification there are a number of urls that you need to supply
You will need to register a domain and claim it in web masters and then you will be able to add them.
If you want to be able to upload public videos via the YouTube Data api your app needs to be verified. In order to verify it you need to be able to show the TOS, privacy policy and the application home page. There is no way around this even if its a desktop app. Even if its single user you still need to do this.
I have a video which shows you what you need to know to verify your app.
What you need to know about Google verification in 2021.
How do I make requests to the YouTube API (uploading a YouTube video) with a logged in Google User (using Passport's Google Auth)?
The Google API docs only show a way in which you have a pre-setup .json File with your personal credentials - I want users to log into my service and upload Videos onto YouTube via my NodeJS server, how would I handle this?
Thank you for any hints/tips/answers!
Context: using googleapis (more specifically youtube.videos.insert method) to upload a video to YouTube. The video is successfully uploaded but it is private (locked). I'm aware about the verification and I already went through it. My app is verified.
However, I'm still getting this when I upload a video.
Any ideas?
I also just submitted this form https://support.google.com/youtube/contact/yt_api_form (waiting for a response)
Edit #1:
I got an answer from YouTube API Service Team that my API client is not compliant to this document https://developers.google.com/youtube/terms/api-services-terms-of-service with a couple of suggestions how to fix the problems. I'll do today and will email them back. So, the bottom line is - we have to verify our app so we can publish and we have to be fill that form above to make our API client verified.
P.S.
this same question is also published here https://support.google.com/youtube/thread/111169095/video-uploaded-via-the-api-appears-as-private-locked-even-tho-my-app-is-verified?hl=en
So I'm struggling to decode Spotify's Web Authentication set up. What I'm looking to do is create a bash script to add the currently playing song to a predetermined playlist. The aim is to have it so I can push a keyboard shortcut and save it.
So far I have Keyboard Maestro accepting a Hot Key and running some Applescript to pull the TrackID from Spotify. Is it possible to have a Bash script (which Keyboard Maestro can run) do a POST request.
I can run unauthenticated API searches but it's authentication where I'm hitting issues.
I found this in Spotify's API
POST https://api.spotify.com/v1/users/{user_id}/playlists/{playlist_id}/tracks
https://developer.spotify.com/web-api/add-tracks-to-playlist/
Example
curl -i -X POST "https://api.spotify.com/v1/users/wizzler/playlists/7oi0w0SLbJ4YyjrOxhZbUv/tracks?uris=spotify%3Atrack%3A4iV5W9uYEdYUVa79Axb7Rh,spotify%3Atrack%3A1301WleyT98MSxVHPZCA6M" -H "Authorization: Bearer {your access token}" -H "Accept: application/json"
HTTP/1.1 201 Created
{ "snapshot_id" : "JbtmHBDBAYu3/bt8BOXKjzKx3i0b6LCa/wVjyl6qQ2Yf6nFXkbmzuEa+ZI/U1yF+" }
I know that the linux Spotify Client has dbus functionality - and it is entirely possible to manage playlist(s) with DBUS and the Spotify Client.
I have linked a Spotify Forum page, that is by no means an absolute authority on the matter, but it does make it very clear the API is DBUS compatible and that Playlists are one of the many things you can manipulate.
I've attached both the WebAPI and the LibSpotify API links below as well.. As choice is king!!
Add DBus methods for Spotify playlist control
Web API User Guide
Libspotify SDK