According to the google drive api's documentation, I can not write key parameter into the request.
I tried this request with my folderID and my api key:
GET https://www.googleapis.com/drive/v3/files?q='folderID'+in+parents&key={API KEY}
The documentation page contains a try-out method where I tried out my request, I ticked only the API key in the credentials section. This also did not work.
Can I make requests with api key or not?
API keys are used for accessing public data. Not private user data.
The files.list requires that your application be authorized with one of the following scopes
trying to call files.list without authorizing the call using Oauth2 is going to result in the following error message
{
"error": {
"errors": [
{
"domain": "global",
"reason": "insufficientFilePermissions",
"message": "The user does not have sufficient permissions for this file."
}
],
"code": 403,
"message": "The user does not have sufficient permissions for this file."
}
}
The only method in the google drive API that you would be able to use with an API key would probably be a file.get assuming that the file itself was set to public. As in shared with everyone.
Api keys are mostly used for apis like maps, or youtube searching for public videos.
Related
I am trying to issue a POST request towards the google calendar api, but I fail to understand how to authenticate it.
I took the following steps to try and use a service account to do so:
I've enabled the the calendar api in the Google Cloud console
I've created a new service account, enabled G Suite Domain-wide Delegation, and downloaded the provided key.
I've added the service account email to the calendar to be able to make changes and create events.
I've tried to create a POST request to https://www.googleapis.com/calendar/v3/calendars/calendarId/events with the contents of the JSON key as the value of the Authorization header, but I receive the following error:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Invalid Credentials",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Invalid Credentials"
}
}
Am I missing some steps or have I do not understand correctly the authentication process?
I would appreciate your help.
Its not simply a matter of applying the contents of the key file to your call, all google apis need an access token in order to authenticate them.
To get an access token from a service account you need to follow the following steps. Preparing to make an authorized API call
There are steps you will need to complete inorder to get the access token you will need to make a call to the api
After you obtain the client ID and private key from the API Console, your application needs to complete the following steps:
Create a JSON Web Token (JWT, pronounced, "jot") which includes a header, a claim set, and a signature.
Request an access token from the Google OAuth 2.0 Authorization Server.
Handle the JSON response that the Authorization Server returns.
I recommend you pick your favorite server sided programming language and find a client library for it. It will make things much easier then you trying to authncate using a service account by yourself.
I am attempting to use the "List Contacts" Microsoft Graph v1.0 API (https://learn.microsoft.com/en-us/graph/api/user-list-contacts?view=graph-rest-1.0) to retrieve the contacts of various users in my organization. In other words I want to list contacts in a delegated fashion.
My problem is that this API only seems to work for the user associated with the access token, e.g.:
Get Microsoft Graph API token for user "A"
Request to https://graph.microsoft.com/v1.0/users/USER_A_ID/contacts works fine
Request to https://graph.microsoft.com/v1.0/users/USER_B_ID/contacts fails
The error returned by the API is:
{
"error": {
"code": "ErrorAccessDenied",
"message": "Access is denied. Check credentials and try again.",
"innerError": {
"request-id": "[REQUEST_ID]",
"date": "[DATE]"
}
}
}
I have verified that the token contains the "Contacts.Read" scope by decoding the JWT token and examining the "scp" field, so I do not understand why the APIs saying that access is denied. Any ideas as to why this is failing?
Your need Contacts.Read.Shared or Contacts.ReadWrite.Shared, Your current Contacts.Read scope will only allow you to access the current users Contacts Folder. The other thing is the user requesting will still need to be granted the underlying delegate rights to the Target Mailbox Folder ( via Outlook delegation or Add-MailboxFolderPermission eg they need to be able to access the folder via Outlook or OWA).
I'm using Google API to develop a web app, to do this I need to interact with youtube and get the channel ID. According to google documentation I use this request
https://www.googleapis.com/youtube/v3/search?part=snippet&q=LorenzoSchaeffer&type=channel&key={YOUR_API_KEY}
where in "YOUR_API_KEY" I copy and paste my API Key found in the google developer console. but I get this response
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "keyInvalid",
"message": "Bad Request"
}
],
"code": 400,
"message": "Bad Request"
}
}
while from google API explorer I get the correct output.
I don't know how to proceed, any solution?
This means either you're using the wrong API key or the API project that "owns" the API key you are using doesn't have the YouTube Data v3 API hasn't been activated for use with the project.
Go here for information on how to get started, get and API key (make sure to get an API key and not OAuth credentials): https://developers.google.com/youtube/v3/getting-started
I am trying to use the Youtube API to pull in all the videos from a particular channel. I set up the project in Google Developers Console and got an API browser key. I enabled YouTube Data API v3 and for safe measure, I enabled YouTube Analytics API.
I do not know what I am getting this error. Can anyone help me. This is my console output.
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "ipRefererBlocked",
"message": "There is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your API key configuration if request from this IP or referer should be allowed.",
"extendedHelp": "https://console.developers.google.com"
}
],
"code": 403,
"message": "There is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your API key configuration if request from this IP or referer should be allowed."
}
Did you add any bundle id's to "Edit allowed iOS apps..." in your API Access panel? If you did, remove them all. iOS apps: should now say "Any app allowed". This fixed this issue for me.
I am told that this is fixed by simply removing all Ip's from the edit allowed IP's option. This makes it so that it is less secure, but it will accept all IP's after that.
I am getting 401 Invalid Credentials error trying to use the Youtube API in the OAuth 2.0 Playground.
Response is:
{
"error": {
"code": 401,
"message": "Invalid Credentials",
"errors": [
{
"locationType": "header",
"domain": "global",
"message": "Invalid Credentials",
"reason": "authError",
"location": "Authorization"
}
]
}
}
Steps can be reproduced here.
Select Manage Youtube account API
Authorize
Get access token
Attempt to call any Youtube API (you may need to plug your own API key in as well)
The access token is valid (non-Youtube API calls work fine) and I have tried this with a number of different accounts which have Youtube accounts and channels set up (so the reply here is not what's happening).
The API works fine in the Try it Now section here so this is quite strange.
Maybe somebody can try these steps with their account and verify if the outcome is the same or not?
You have to choose the "Use your own OAuth credentials" option in the settings of the OAuth Playground (link at the top right corner).
You also need to add the following URL to the list of Redirect URIs of you project in the Developers Console:
https://developers.google.com/oauthplayground
If you do that, you don't need to pass the API key.