I'm trying write a standalone perl app that list all my tasks stored in Google Tasks. I'm led to believe I can use what Google call "Simple API Access" because it's just my tasks and it's read only.
So I did the following:
#!perl
use LWP;
my $browser = LWP::UserAgent->new;
my $list = "Iyrhxu8sRTVOhE4hUBr4W1kwNTI6MDow";
my $key = "<api key removed>";
my $url = "https://www.googleapis.com/tasks/v1/lists/$list/tasks?pp=1&key=$key";
print $browser->get($url)->content;
In return, I get:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
Unfortunately I've no idea what authorization it wants at this point. I tried replacing the last line with:
my $auth = "...";
print $browser->get($url, "Authorization", $auth)->content;
and using the Google listed Client ID, Email address and Client Secret listed in the API Console - but they all gave Invalid Credentials.
Can anyone help?
Doesn't seem to work, they seem to have disabled it in favor of oauth2, and just haven't updated the apply-for-an-api-key page. Use Oauth2 instead:
https://developers.google.com/oauthplayground/
If you need an api key, you can get it here:
https://code.google.com/apis/console
Related
I have dug through most of stackoverflow posts to find an answer but still unable to solve this problem. This is just a simple matter of authing into the gmail api but I want to do it in a server so I need to follow the server-server (OAuth2.0 2 legged procedure). Anyways
I have gone through all the oauth docs in google api .
This one is spot on but it does no good.
https://developers.google.com/gmail/api/auth/web-server.
I have a service account and I do have the creds file.
here is my code snippet.
def call_gmail():
SCOPES = ['https://www.googleapis.com/auth/gmail.readonly']
SERVICE_ACCOUNT_FILE = '<creds_file>'
credentials = service_account.Credentials.from_service_account_file(
SERVICE_ACCOUNT_FILE, scopes=SCOPES)
print(credentials)
service = build('gmail', 'v1', credentials=credentials)
messages = ListMessagesMatchingQuery(service, "me", "<Some email address>")
message_id = messages[0]['id']
I keep getting this error:
An error occurred: <HttpError 400 when requesting https://www.googleapis.com/gmail/v1/users/me/history?startHistoryId=2547406&alt=json returned "Bad Request">
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
Would be very grateful if someone can help me solve this. thanks.
The gmail api only works with service accounts if its a Gsuite account and you have set up domain-wide delegation. Contact your Gsuite admin and make sure that they have setup delegation properly.
delegating authority
I'm trying to create and query a fusion table. So what I did:
I created a new fusion table in google drive
Created a new api key
Set the fusion table to public (using share button)
Now I'm using Advanced REST client executing this request:
GET https://www.googleapis.com/fusiontables/v2/tables?key=[myapikey]
But I keep getting 401: Unauthorized
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
The docs say that this should work, but I keep getting this message. Any hint?
p.s.: The reason why I use an api key only is simply because I created a batch which sends the request, the data is public and there is no user authentication required.
I'm using the API Explorer tool to create some request urls for google adsense. Here is the request url that the explorer tool generated that gives a response of today's earnings: https://www.googleapis.com/adsense/v1.4/reports?startDate=today&endDate=today&accountId=MY_ACCOUNT_ID&metric=EARNINGS&key=MY_API_KEY
However, when I try to use this url in the browser or in my code it gives this response:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
I am not sure what I am missing it use this url. I have activated adsense apis on my google developer console.
The key parameter is the public API key for accessing public data.
The access_token parameter is used for accessing private user data.
In your case you are trying to access your private account and should be using an access token.
To obtain an access token you need to authentication your application using either Oauth2 or a service account. Once you have obtained an access token and send that with your request as so:
https://www.googleapis.com/adsense/v1.4/reports?startDate=today&endDate=today&accountId=MY_ACCOUNT_ID&metric=EARNINGS&access_token=YourAccessToken
You need to replace MY_API_KEY with your API key, and MY_ACCOUNT_ID in same fashion.
I'm trying to make a call to Google Reports API with a service account.
I follow this code example : https://godoc.org/golang.org/x/oauth2/google#JWTConfigFromJSON
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Access denied. You are not authorized to read activity records."
,
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Access denied. You are not authorized to read activity records."
}
}
I'm pretty sure it is on Google configuration side but :
I created the service account
I downloaded the JWT
I authorized the needed scopes
Then I try to call this URL : https://www.googleapis.com/admin/reports/v1/activity/users/all/applications/login
What could I have forget ?
Thanks for helping me.
Fixed it. Needed to explicitly specify the subject value.
I now follow the Service Account example : https://godoc.org/golang.org/x/oauth2/google
Having implemented oauth2.0 and done a handshake using the scopes:
"https://www.googleapis.com/auth/userinfo.email ",
"https://www.googleapis.com/auth/userinfo.profile",
"https://www.googleapis.com/auth/admin.directory.user ",
"https://www.googleapis.com/auth/admin.directory.group ",
"https://www.googleapis.com/auth/admin.directory.orgunit ",
I get back a token
the request
$ curl -X GET https://www.googleapis.com/oauth2/v1/userinfo?access_token=<Token>
{
"id": "{id}",
"email": "{email}",
"verified_email": true,
"name": "{name}",
...
}
as it should.
however a requst to the admin.directory.user namespace does not succeed:
$ curl -X GET https://www.googleapis.com/admin/directory/v1/users?access_token=<Token>
{
"error": {
"errors": [
{
"domain": "global",
"reason": "badRequest",
"message": "Bad Request"
}
],
"code": 400,
"message": "Bad Request"
}
}
Any good ideas to why this is?
The request to admin.directory.users is constructed from https://developers.google.com/admin-sdk/directory/v1/reference/#Users
I had the same problem retrieving all users through https://www.googleapis.com/auth/admin.directory.user endpoint. According to the documentation, you could do that in a specific domain by passing the domain as a parameter or get all existing users by passing the customer=my_customer parameter as follows:
Retrieve all users in a domain doc: https://www.googleapis.com/auth/admin.directory.user?domain=example.com
or
Retrieve all account users doc: https://www.googleapis.com/auth/admin.directory.user?customer=my_customer
In google playground oauth2 also you can test the above stuff by selecting Admin SDK API directory_v1 and auth/admin.directory.user.readonly to authorize the respective scope, then call the above requests.
Note that, you may need to get access to google playground within your google admin dashboard under the security apps section.
You need to specify either the domain (to get fields from only one domain) or the customer (to return all domains for a customer account).
I filed a bug to make more clear that is required to provide one of the two parameters.
At the very least, you need to include the Content-Type header:
curl -X GET -H "Content-Type: application/json" https://www.googleapis.com/admin/directory/v1/users?customer=my_customer&access_token=<Token>
For a full script that implements this API with CURL and BASH see this answer.
Note that the documentation is currently incorrect because it lists customer as an optional parameter when it is in fact required.