I am a backend developer in a SaaS startup. I wish to test all possible responses from the exposed Google My Business APIs. I have set up a test account with 2 locations, however, I would like to test for 200 or more locations. I am wondering how others tested their code while developing their product using Google My Business APIs. (I would like to test scenarios like fetching more than 100 locations associated to a single account)
Related
I am a teacher preparing for distance learning. Google Forms are awesome, but they have some limitations. I created an old school google form with google sheets to get around a few issues I was having. I used the script from this data entry form
It works great! ...but I'm worried my students won't use it since they will get a warning that says "This app isn't verified." I know for a fact that my students will not click on the "advanced" button to authorize the app.
Is there a way around this?
Answer:
This screen can't be removed without app verification.
More Information:
As per the unverified apps page:
An unverified app is an app or Apps Script that requests a sensitive or restricted OAuth scope, but hasn't gone through the Google verification process. Users of unverified apps or your test builds might get warnings based on the OAuth scopes you're using. This is to protect users and their data from deceptive apps.
It's designed this way to stop tricky people with tricky apps blindsiding people by getting them to approve sensitive scopes without too much thought.
Unless you want to verify your app, which will need to be done through the GCP console (instructions on verification can be seen here), your only way around this is to just tell your students to click on the "advanced" button to authorise the app.
Side note: Verification is not required for Apps Script projects whose owner and users belong to the same G Suite domain or customer.
Further Reading:
Google Cloud Platform Projects | Apps Script | Google Developers
References:
Unverified apps - Google Cloud Platform Console Help
OAuth Client Verification | Apps Script | Google Developers
I am making a web application that will automate some actions on Google AdWords. The web application can be used by anyone that has an AdWords account.
I am a bit puzzled by the AdWords API, as it is a different from other Google APIs, in terms that it needs two additional config parameters: developerToken and clientCustomerId, a per their documentation:
https://developers.google.com/adwords/api/docs/guides/first-api-call
When constructing the AdWordsClient object, I need to provide the developerToken and clientCustomerId, in order to push data to AdWords.
My question is whether these two parameters (developerToken, clientCustomerId) need to be different for each user that will use my web application?
It seems that I am able to post data to different accounts with an unrelated developerToken, which does not make sense.
Can I get the clientCustomerId from an API endpoint, so I don't require my users to manually input tokens and ids to the web app, and do the complete authentication with oAuth?
My code is working, I am asking more of the philosophy why I need these two parameters, and if I can avoid asking the user to manually copy them from the AdWords dashboard into my application?
The developer token identifies a given Adwords API developer and is used for RMF enforcement, rate limiting and the like. As you mentioned, this is different from other Google APIs, which I think has to do with the fact that it's not a publicly available API. You always have to use the developer token that was given to you as part of your API sign-up process and are not allowed to use another developer's one (thus there's no possibility to have a user of your application enter it on their own).
The clientCustomerId parameter refers to the specific Google Ads account that you want to interact with. As a given user (identified by the OAuth2 access token that you include in your request) might have access to a whole lot of different accounts, this always needs to be included.
As for how to obtain a list of accessible account given a user's credentials, you can use the CustomerService.getCustomers endpoint for that purpose. Quoting the docs, it will "return details of all the customers directly accessible by the user authenticating the call."
I manage several projects, each project includes several API Clients (Android App, iOS App, PWA and backend server).
Glossary from yt API terms:
"API Client" means a website or software application (including a mobile application) developed by you that accesses or uses the YouTube API Services.
"API Project" means the project created in the Google Developer Console that is required for API Client(s) to access and use the YouTube API Services.
Following yt API terms I must create exactly one (1) API Project for that API Client. Those API Credentials are intended to be used exclusively by the associated API Client, which means that you must not use that one (1) API Project for multiple API Clients.. Then I understand that I should create one API Project for Android App, one more for iOS App, etc.
But I've recently received following email from Google:
We have recently detected your Google Cloud / APIs Projects have been circumventing our quota restrictions via multiple projects acting as one and appears to be violating YouTube API Terms of Service (III.D.1.c).
To fix the problem please delete all projects using YouTube API usage except for one project you wish to keep active
Then if I delete API Projects and keep a single one for all my API Clients, that means I should use one API Project for multiple API Clients, that is forbidden by terms.
What's the best way to follow ?
Just in the title. If a company is using Skype for Business with their Office 365 subscription, are the contacts in skype for business the same contacts available by the Graph API?
My understanding is currently the only way to access Skype for business data from an API standpoint is through the UCWA 2. And that the graph is not reflecting any data for S4B. This is also why those are two different set of permissions when you declare apps in the AAD portal.
One of the reasons behind that is probably because when using the UCWA you need to talk to different resources and endpoint for Discovery and Grant flows before getting to the data.
Another one could be that UCWA provides streaming and some kind of notifications capabilities (status update, messages) which the graph doesn't support right now.
I really hope the S4B endpoints come to the graph at some point, things are going to be simpler.
I have a web application which runs on one server, but multiple domains (like ab.c, a-b.c, ab.d, a-b.d etc.) are pointed to this application. I would like to use other systems' (e.g. Google, Facebook, Microsoft) authentication. Google and Facebook are working fine, but it looks like Microsoft Live allows only one domain per application. Is that correct? If yes how to handle this? Does it exactly means I have to create separate application on MS developers site and I have to choose different Client ID for authentication based on user's referrer?