I have submitted our oauth client id for verification, its been a long time since i got reply from them.can someone help me about it.like how long does it take? and how to get approve oauth client id? Is there anyway to contact API & Trust Team of google to seek help from them?.
Regards
The following can be found here
Most verification requests receive a response within 24 to 72 hours. When verification of your OAuth client is confirmed, your app is verified.
Unfortunately Google does not offer live support for their free products. I know of no way to contact them. Nor is their a way to track your request.
Related
I am using Gmail API to retrieve recent messages. And of course Gmail API requires OAuth2 Token to authenticate the requests. And repeat the task indefinitely every nth time.
However, I think that this is an impossible task. Because OAuth token expires. Though it has a refresh token, It will still need initial user intervention to start the task.
Does anyone experience the same problem? If so, how did you guys overcome it?
I'm kinda stuck on this matter. and would love to hear a solution.
I am using Gmail API to retrieve recent messages.
Your trying to access private user data you need the consent of the user to do that.
this is an impossible task. Because OAuth token expires.
Tokens expire this is intentional if they didn't and someone got your token they could use it for ever by having an expiration time on the token this limits how long a hacker would have access to your data.
Does anyone experience the same problem? If so, how did you guys overcome it?
These are things you should not be trying to over come these are things you should accept and try to understand the security they bring to your application.
I'm kinda stuck on this matter. and would love to hear a solution.
If this is a google workspace domain account, you could consider using a service account.
However if this is a standard google gmail user then you will need to use Oauth2 and request the consent of the user. If you have a refresh token you should not be having an issue you just need to authorize the user once and you will be able to request a new access token when ever you need.
What is the easiest way for a tenacious but stupid feeling new Twilio user to generate a simple authroization token so that I can send an API token Twilio from another app (REDCap) which I am using to send a one question SMS survey.
Does the trial account not allow me to generate an authorization token?
How quickly does the authorization token in Twilio expire?
Thanks in advance.
You don't generate your auth token, it's assigned to your account. It should be right in front of you when you first log in to your console.
I'm working today on a partner environment related to Google Home.
Concretely, when I use google home to give orders on devices, Google calls my API to execute them (as it does with Philips Hue, Netatmo etc ...).
My problem is this: I use keycloak for OAuth management. the Google console has been configured to use it and it works. However my refresh_token expire and this forces the user to delete the linked account and then postpone it.
My question is this: Does Google expect to get an infinite refresh_token after giving its authorization_code? Or I missed something, because Google does not seem to restart the normal connection procedure.
Keycloak 3.2, Google homegraph action-on-google
Typically, yes, Google assumes the refresh_token has either no expiration or an extremely long expiration period. But it does acknowledge that the refresh_token can either expire or be revoked. In that case, you need to make sure your OAuth server returns HTTP code 400 with the OAuth error invalid_grant.
I personnaly consider a good practice to revoke refresh tokens after an period of inactivity.
This gives a pretty good user experience while keeping the database updated.
Everything is configured appropriately, but I can't find a definitive answer on how long lived the bot API token is. Can anyone confirm it's valid until a refresh request is submitted?
I asked Slack (via Twitter) and the reply was that the token for bots doesn't expire until a forced refresh.
From this document: https://github.com/paypal/PayPal-iOS-SDK/blob/master/docs/future_payments_server.md#create-a-payment
It says:
Once a user has authorized your app to use their PayPal account, you can then use that authorization to obtain tokens that let you create future payments from that user.
Thats fine, however I see no mention of using the aforementioned token in a PayPal payment call using the native sdk?
Do we really need to do this via network requests (i.e. cUrl?)
Some clarification on this point would be great. As it seems a little weird that the PayPal payment api cannot accept a token from a future payment authorization in it's call.
An answer to this would be great. Thank you.
Dave from PayPal here.
#PersuitOfPerfection, usually it would be your server that would be handling the tasks of securely storing the refresh token and then -- when a payment is to occur -- using the refresh token to generate an access token and using the access token to create a payment.
After all, it will be your server that controls whatever action the payment is for -- providing a service or shipping physical goods.
Are you planning some different model of client/server/delivery interaction?