I need to get all Twitter ad accounts using OAuth2.
When I make request to https://ads-api.twitter.com/11/accounts1 with valid OAuth2 bearer token supplied I'm getting this error:
{
"title": "Forbidden",
"type": "about:blank",
"status": 403,
"detail": "You are not permitted to use OAuth2 on this endpoint"
}
Scopes for the token: tweet.read, users.read, follows.read, follows.write, offline.access
Is it possible to use Twitter Ads API using OAuth2?
Not right now - the Ads API is looking into moving to OAuth 2:
We are recruiting developers for a private beta for OAuth 2.0.
You can apply for the beta, but this is not generally available (as of June 2022)
Related
A number of our users authenticate through the Google OAuth API (https://developers.google.com/+/web/api/rest/oauth)
What is the future of the Google's version OAuth API beyond the April 2019?
OAuth aside, we use the following endpoint to obtain the user's email and name: https://www.googleapis.com/plus/v1/people/me once we obtain the access token. Is this endpoint becoming obsolete?
Update 12/21/18
Google+ Shutdown Notice
[End Update]
OAuth 2.0 is a service provided by Google Accounts. The end of life for Google+ will not affect OAuth 2.0.
OAuth 2.0 is the foundation authentication service for Google Cloud Platform, G Suite and many other services. OAuth 2.0 is token based, and these tokens can be used on a variety of services, both Google based and third party.
A further question was asked below in the comment section about endpoints.
The Google+ endpoint for user information: googleapis.com/plus/v1/people/me will probably continue to exist for years (awaiting official announcement from Google).
I would start using the Google OAuth 2.0 endpoint (notice the alt=json): https://www.googleapis.com/oauth2/v3/userinfo?alt=json
Which returns Json that looks like this:
{
"id": "123456789012345678901",
"email": "username#example.com",
"verified_email": true,
"name": "User Name",
"given_name": "User",
"family_name": "Name",
"link": "https://plus.google.com/123456789012345678901",
"picture": "https://lh3.googleusercontent.com/.../mo/photo.jpg",
"locale": "en",
"hd": "example.com"
}
The current list of Google OAuth 2.0 endpoints:
https://accounts.google.com/.well-known/openid-configuration
What is the future of OAuth API beyond the April 2019?
Oauth is not an api it is a protocol for authentication. In this instance the authentication response is used to access googles APIs. Googles use of Oauth2 for authentication is not going any where there has been no announcement that it is being discontinued in any way. Nor do i think they would as to my knowledge it is current industry standard for authenticating to APIs
OAuth aside, we use the following endpoint to obtain the user's email and name: https://www.googleapis.com/plus/v1/people/me once we obtain the access token. Is this endpoint
The Google people api may contain the term plus in the url but it does not really have anything to do with Google plus (other than really bad naming).
[Documentation] The People api lets you list and manage the authenticated user's Contacts and retrieve profile information for authenticated users and their contacts.
Which actually has nothing to do with Google plus other than the fact that some of the users profile information may have originally been contained within Google plus which has now been moved i suspect (but i have no proof of that). I did send off an email to google asking for some clarification as to exactly which endpoints are shutting down.
Shutdown
So what is going to happen with the shutdown
Google+ will stop working
plus.activites will stop working.
plus.comments will stop working
What will happen to people overview will be a really good question. They may be renamed however i suspect they may just be left alone to access the google contacts as they do currently. (again i have no proff of this)
Get current user info
If you want to get the information about the current user then an idea would be to use the userinfo endpoint. As long as you requested the profile scope you can request the current users info from the identity server directly
Request:
GET /oauth2/v2/userinfo HTTP/1.1
Host: www.googleapis.com
Content-length: 0
Authorization: Bearer qMgWQHD0MstTDVip7hIYipUpSQkxexF4-W0bI3geEaYk0ztVryYZyFRrZDFWkn69Hw3RlBjfOuXJ8df_iv5ATgW3y0BUkI0xMXeGq22qmfqG-4duSU
Response:
{
"picture": "https://lh5.googleusercontent.com/-a1CWlFnA5xE/AAAAAAAAAAI/AAAAAAAAl1I/UcwPajZOuN4/photo.jpg",
"name": "Linda Lawton",
"family_name": "Lawton",
"locale": "en",
"gender": "female",
"link": "https://plus.google.com/+LindaLawton",
"given_name": "Linda",
"id": "117200475532672775346"
}
I suspect that some of this is going to change. Link for example is not going to be able to link to google plus anymore. I think i will send off an email to google to see what they intend to do about that.
Email will only appear in the response if you have also requested email scope when authenticating the user.
update
blog post on api shutdown just went out and gives information on what APIs are being shut down and when.
The most commonly used APIs that are being shut down include:
Google+ REST API
Google+ Web API
Google+ Android SDK
Google+ Domains API
Google+ Pages API
This still doesn't clear up the issue with the people API being Google contacts yet part of the Google+ rest API
https://developers.googleblog.com/2018/12/google-apis-shutting-down-march-7-2019.html?m=1
In order to disable this Google + API from your apps, you need to go to https://console.developers.google.com
... and navigate to each project you are using Google+ Api and click DISABLE
This will remove any requests from Google + API.
i'm trying to integrate the Fitbit SDK in my iOS app. I have created project on fitbit now i'm running there API in Postman to check profile, but in response it is showing me invalid access token,
{
"errors": [
{
"errorType": "invalid_token",
"message": "Access token invalid: 39ec7defa6f0e33b314bbf6217279b15. Visit https://dev.fitbit.com/docs/oauth2 for more information on the Fitbit Web API authorization process."
}
],
"success": false
}
This is my API https://api.fitbit.com/1/user/-/profile.json and this is what i'm passing in header, Authorization : Bearer Client Secret But it is showing me status code 401 having error of invalid access token . How can i get the access token for my app?
You need to get an OAuth2.0 token from the FitBit authentication service before you can call any other endpoints on the API. You will need to redirect your app to Safari and go to the fitbit authentication service so that the user can log in and authorise your apps access to their FitBit data. The callback will then return an OAuth token that you can pass in subsequent requests.
You will need to call something like this:
https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=%#&scope=%#&redirect_uri=%#"
This is the official fitbit documentation for Authorisation:
https://dev.fitbit.com/build/reference/web-api/oauth2/
We are using the YouTube Data API to get the YouTube channel information, it was working before two days now it is giving me below error:
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
"extendedHelp": "https://code.google.com/apis/console"
}
],
"code": 403,
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
}
}
Is there any new update on YouTube Data API?
Can anyone help me to resolve this issue?
In order to access any Google API you need to identify your application. This rule has not been enforced on all Google APIs. If you say your request has worked in the past I suspect that they have begun to enforce this now with the YouTube API.
The problem is that you have either not authenticate your application using Oauth2 or you are not sending an API key along with this request.
You need a Google Account to access the Google Developers Console, request an API key, and register your application.
Create a project in the Google Developers Console and obtain authorization credentials so your application can submit API requests.
After creating your project, make sure the YouTube Data API is one of the services that your application is registered to use:
a. Go to the Developers Console and select the project that you just registered.
b. Open the API Library in the Google Developers Console. If prompted, select a project or create a new one. In the list of APIs, make sure the status is ON for the YouTube Data API v3.
If your application will use any API methods that require user authorization, read the authentication guide to learn how to implement OAuth 2.0 authorization.
see Getting started
I was getting the same error. The mistake I was making is not setting the API Key value while requesting. Please set the API Key attribute.
If you are using youtube data v3 api use following code snippet.
playlistItemsListByPlaylistIdRequest.setKey(YOUR_API_KEY_VALUE);
If you are using the Html request, then use following format :
https://www.googleapis.com/youtube/v3/playlistItems?part=snippet%2CcontentDetails&maxResults=8&playlistId={PLAYLIST_ID}&key={YOUR_API_KEY}
I was trying to build a market place application with admin-sdk.
Reading the docs, it looks like two legged authentication is the only way to go as far as market place apps are concerned.
Wanted to check if the current user is an admin so for that, I wanted to use
https://www.googleapis.com/admin/directory/v1/users/(useremail)?xoauth_requestor_id=(admin-email)
I was trying both to be the same and to be that of the admin
The Authorization header is also as follows.
OAuth realm="", oauth_signature_method="HMAC-SHA1",
oauth_version="1.0", oauth_consumer_key="<key from market place>",
oauth_nonce="4473365854789985180", oauth_timestamp="1380453874",
scope="https://www.googleapis.com/auth/admin.directory.user",
oauth_signature="yEcbWIp5f1nNFaUI8vSxn1NYlzw="
When this request is made to the url I am getting error saying.
"domain": "global",
"reason": "authError",
"message": "Invalid Credentials",
"locationType": "header",
"location": "Authorization"
I looked for apis to get it done but could not find for two legged with admin-sdk. Could someone please help me tackle the problem ?
Also can such a feature be done by using service accounts ?
I also wanted to, in the end have the admin-sdk to be used golang in the end.
Marketplace still uses OAuth 1.0. So I don't think you can really use service account as it is really for OAuth 2.0.
Have you checked out these two documents?
https://developers.google.com/accounts/docs/OAuth#GoogleAppsOAuth
https://developers.google.com/gdata/docs/auth/oauth#2LeggedOAuth
Anyway, you want to make sure you are using the clientID and client secret that has Admin SDK enabled you generated from API console. Additionally, have you also had the clientID enabled with the Admin SDK scope in Manage Third Party OAuth in Admin console?
I was able to make the following call with no problems:
https://www.googleapis.com/admin/directory/v1/users/user#domain.com?xoauth_requestor_id=admin#domain.com&key=APIkey_from_API_console
I have a Rails website that has Google OAUTH2 implemented and working.
We are developing an iOS app, which is going to talk to my web server using APIs. Some of the APIs need the user to be authenticated. The idea, is that the iOS app authenticates the user using OAUTH2 on the device, then POSTs the token over SSL from the device to the web as the authentication. I need the website to verify the token.
In the Google API console, I added the client ID for the iPhone device, and got an access token by going to:
https://accounts.google.com/o/oauth2/auth?
scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&
redirect_uri=urn:ietf:wg:oauth:2.0:oob&
response_type=code&
client_id={my client id}
Then, I pass the token to my site. On my site, I validate the token via:
google = OmniAuth::Strategies::GoogleOauth2.new(ENV['GOOGLE_API_KEY'],['GOOGLE_CLIENT_API_SECRET'])
client = OAuth2::Client.new(ENV['GOOGLE_API_KEY'],['GOOGLE_CLIENT_API_SECRET'], google.options.client_options)
access_token = OAuth2::AccessToken.new(client, params[:token], google.options.access_token_options || {})
google.access_token = access_token
google.auth_hash
When I attempt to auth_hash, the following error is returned:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Invalid Credentials",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Invalid Credentials"
}
}
From here, I have no clue why I have specified invalid credentials.
ENV['GOOGLE_API_KEY'] points to the same API key as the website, and ENV['GOOGLE_CLIENT_API_SECRET'] points to the secret for the iOS client.
The URL I used above, I thought, gave me an access token. In reality, it returns to me an authorization code (which can then be used to get an access token).
The solution, is to exchange the authorization code, for an access token, then I can pass the token around and use it.
The difference between an authorization code and an access token is somewhat vague on the Google site, but you can read about how to exchange them here:
https://developers.google.com/accounts/docs/OAuth2WebServer