I have been using google-cloud speech-to-text using api keys. Now I want to switch to using Google credentials (stored in a JSON file). But I can't figure out how to get those credentials from the google cloud portal. Heck, I can't even figure out where I got the api keys in the first place.
Anybody knows how to get those?
Thx.
To get the JSON file you need to have a service account. If you do not have a service account you can follow Creating a GCP service account.
Once you have a service account you can generate the JSON file by following Create service account keys. You can now use this JSON file to authenticate your requests for google-cloud-speech.
Related
We are exploring the Graph API to let users authenticate to our service via their MS account. However, to be able to encrypt user data properly, we need a 'secret' that we can use. Typically API's return an application specific key that is unique to the user/application that can be used for this purpose. However, I don't see anything that would be usable for that in GraphAPI.
Questions
Can anyone tell if getting such an application specific key is possible using the Graph API?
Otherwise, we will generate a secret ourselves, but want/need to store that securely in the user profile that we would be able to get after logging in. Any suggestion on how to do that?
Thanks!!
Regards,
Rick
This is not currently supported in Graph API. Being said that, you can file a user voice for this ask so that it could be considered for future implementations.
Try storing the secret securely in the Azure Key vault and you can retrieve it from there.
I need to build APIs integrations to connect my Rails 6 B2B app to any other service such as Google Drive, Microsoft Excel, Zapier.
What I've done so far is to ask clients for their client_id and client_secret (or api_key), store them and then use them to authenticate to the API with OAuth2.
Storing clients' secrets is not the ideal solution. I would like to do the same thing but without asking for secrets.
Just like Trello or TypeForm are doing it.
I have no clue on how to authorize my app to read/write data of an other service without authorizing through an URL with the secrets.
Here is an example of TypeForm connecting to GoogleSheet API :
Connects to the Google account
Asks for permissions
Asks for the spreadsheet link
Writes data in the spreadsheet (form responses)
https://www.typeform.com/connect/google-sheets/send-responses-to-google-sheets/
The usual way is that you register your own "app" in the console for those API providers, and then you use your own client id/secret pair to request access to the end user's data. That's what usually brings up those authorization screens like: "jdps app1 would like to access your google account".
More information for Google APIs specifically: https://developers.google.com/identity/protocols/oauth2
I'm trying to setup account linking in dialogflow agent using this documentation, I've created my credentials from the Google cloud platform. when I'm trying to put that credentials data to Actions on Google console, it gives an error as shown in below picture.
I've put these Authorization URL and token URL from my credential JSON.
The error says: Google accounts cannot be used as Auth endpoint urls per our Account Linking policyLearn more
I want to know about the following:
What this error means.
how to solve this issue.
The error is exactly what it says - if you are setting up Account Linking using the Auth Code Flow, you're not allowed to use Google's servers as your authentication endpoints. You're expected to have your own OAuth server (or use one such as Auth0) to do this.
How to resolve this depends on your exact needs and exactly what you have available to work with:
Setting up your own OAuth server
If you have an existing service that has accounts already, you would likely want to link the user's account in your service to their Assistant account.
To do this, you would need to setup an OAuth server. If you are already using one as part of your existing service, you can configure it for the Assistant. If not, Google provides information about the minimal implementation requirements or you can use existing libraries.
Using OAuth as a Service
You can also use a service such as Auth0 to provide authentication. Depending on your needs, this is a good service that allows people to log in using a range of providers and gives you an API to access their accounts maintained on Auth0.
Using Google Sign-In for Assistant
Finally, if you are either using their Google Account in your own service, or you just want a way for them to log in using their Google Account, you can use the (still in preview) Google Sign-In for Assistant. This will give you an ID token as part of your fulfullment which contains the Google ID
I need to sync Google calendar with my Asp.NET MVC 5 application. I have a calendar in my application which is similar to Google's calendar, when I checked the Google documentation where they describes a sample console application. In that application, we need to download a client secret file and which can be used with the application for fetching the data from Google calendar. I can do this in a test environment, but in a production environment its difficult because the client need to download the file himself. How is it possible to get the details of the calendar without any file downloads but with a google login.
I think the clients will be reluctant to download a file and do the processing, how can I forward with syncing the calendar with out any client IDs and secrets.
I know OAuth is there to setup an authentication, but is that possible to forward with out downloading a client secret file ?
You can access the data from outh2 with out client permission and use your client-id and client secrete(Client for the API ) then fetch the client user details using the interface.use a library managing the authentication flow.
Refer Google API Client Libraries.
You have tried the sample console application right, try to use your credentials and to fetch client details.
Hopes it helps you.
My goal is to offer a service for user of my website to store their private notes.
I want that users can trust the service, therefore the data should not be accessible for my company.
Can i realize this with google-cloud-storage and oauth-2.0 authentication? I would use the Google Cloud Storage JSON API to send the notes directly from the browser into the cloud.
What would be the basic steps to implement this?
There are a couple of ways to handle this, depending on how you want to handle authentication. If you want to make sure that your application cannot access the objects and only the users can, you'll need the users to have Google accounts and authenticate your app to act as their agent using OAuth 2.
Your app could involve a piece of JavaScript that would prompt the user to authenticate with Google and grant it access to Google Cloud Storage under their name. It would then receive a token that it could use to act as them. From there, it would upload the note using that token with an ACL granting permissions only to the uploader.
The uploaded object would go into your bucket, but it would be owned by the end user. You'd have the ability to delete it, but not to read it, and your bucket would be billed for storage and access.
The downside here is that all of your users would need to have Google accounts that they could entrust to your application for short periods of time.
Here are some details on the OAuth 2 exchange: https://developers.google.com/accounts/docs/OAuth2UserAgent
Here's the JavaScript client that does a lot of the authorization heavy lifting for you:
https://code.google.com/p/google-api-javascript-client/
And an example of using that library for authorization:
https://developers.google.com/api-client-library/javascript/samples/samples#AuthorizingandMakingAuthorizedRequests
Another alternative would be for the user to upload directly to the cloud using YOUR credentials via signed URLs, but if you went down this road, you would be able to read the notes after they were uploaded.