I have an app on the server, I need to upload some videos to one (only 1) youtube account, but without user/browser/client's interaction (I don't want an OpenID/OAuth to be shown), how can I achieve this?
I've googled, but all I ever found is always requires user interaction.
It sounds like you want to OAuth into one account (your own) to enable uploads without requiring user input. If so, you can create OAuth credentials on the Google API Console Credentials page (which I believe is the page in your screenshot) by choosing Create credentials > OAuth client ID > Web application > Create.
Once you have the client ID and client secret, you can use the process described here to generate an access and refresh token, and use these in your server code when making the API upload request.
On a side note, if you are collecting video submissions from users, YouTube recommends you have users upload to their own accounts, for a variety of reasons. See this blog post for details; in particular:
One crucial consideration is which account the videos will be uploaded
to on YouTube. It’s tempting to design a system in which all videos
are uploaded to a single “master” YouTube account, but this is always
the wrong approach. While using a master account means that each
uploader doesn’t need to register for their own YouTube account, a
high rate of uploads into a single YouTube account is a good way to
run afoul of the YouTube API’s quota system. Additionally, each
uploader to YouTube agrees to YouTube’s Terms of Service, which says
that they have the right to upload that content, and that the content
does not violate our Community Guidelines. By taking responsibility
for other users’ content, you are essentially putting your own account
and YouTube standing at risk.
Related
I have looked around Stack Overflow and seen a few posts about this but none of the solutions help.
I have a Google account which I use in YouTube. I have created a second channel on that YouTube account so that I can upload videos with a specific theme to separate them from the main videos.
Trying to use the Google API to upload the videos so that I can run it via a Python script, I keep hitting brick walls with Google who is looking for app verification, privacy policies and web page links - none of which I have.
This application is a Python script that's not available to the public and doesn't gather any public information. All I am trying to do is upload videos to my own personal YouTube account.
So I'm beginning to think it is something else I should be using rather than the API (the uploading web page isn't suitable for use in a script).
My two question are:
Can I use the YouTube API to upload a video directly to the second channel on my personal YouTube account?
Is there another simpler mechanism I should be using to upload videos via a script to my personal YouTube account? The reason I have to do it via script is that the device is unattended.
Thanks,
David
You have to acknowledge that each and every app (this to be understood in a broad sense that includes even a small script like this one from Google upload_video.py) must be verified and approved by Google prior to be able to make videos publicly available via the YouTube site.
Answer to question no. 1: yes, that is perfectly possible.
As part of the OAuth 2.0 authentication/authorization flow, you will be presented, within the browser, with the option of selecting to which account your app is to be given access rights.
You may well exercise this behavior, prior to making use of your script, with the help of Google Developers OAuth 2.0 Playground.
Upon a successful OAuth flow, you may verify (and also revoke) the permissions granted by your account on the account's permissions page.
Answer to question no. 2: no, there's no way to upload programmatically videos on YouTube that's in compliance with YouTube's DTOS, other than using the Videos.insert API endpoint.
Addendum
Since by now you have at least two credentials sets, it may be of need to know to which of your YouTube channels a given credentials object is associated.
If using the Google APIs Client Library for Python, you may easily obtain from the API the channel ID to which a given credentials object CREDENTIALS is associated by issuing a call to the Channels.list API endpoint, passing to it the parameter mine as mine=true:
from googleapiclient.discovery import build
youtube = build(
'youtube', 'v3',
credentials = CREDENTIALS)
response = youtube.channels().list(
mine = 'true',
part = 'id',
fields = 'items(id)',
maxResults = 1
).execute()
channel_id = response['items'][0]['id']
Note that the code above uses the fields request parameter for to obtain from the Channels.list endpoint only the channel's ID info (it is always good to ask from the API only the info that is of actual use).
A caveat using the above procedure is the following: if a given CREDENTIALS instance has its scopes containing only:
https://www.googleapis.com/auth/youtube.upload,
then the API will respond with an error of type insufficientPermissions and of message Request had insufficient authentication scopes.
For to invoke successfully the Channels.list it would be sufficient that the scopes attached to CREDENTIALS to include either of the one below:
https://www.googleapis.com/auth/youtube.readonly,
https://www.googleapis.com/auth/youtube.
We're working on an integration with youtube channels (using Youtube Data Api v3). We need to access the videos (private also) on our user's channels.
The flow is the following:
User authorizes his/her youtube account on our site using OAuth.
We show user the list of videos on user's youtube channel.
User selects some of them (they can be private) and sends us for processing.
We need to somehow access the actual video files which the user asks us to process.
The issue is that youtube does not give any streaming URLs or download links.
Looks like, the API provides only iframe embedded code, which works ONLY for the browser, where the user is actually logged into youtube.
How can we access(can we?!) the private video, if we have the OAuth access-token of the video owner?
The YouTube Data API lets you incorporate functions normally executed on the YouTube website into your own website or application. The lists below identify the different types of resources that you can retrieve using the API. The API also supports methods to insert, update, or delete many of these resources. This in a sense means that you can see most of what you can see on the YouTube website including uploading new videos.
Downloading Youtube videos is against their Terms of Service, so the API does not support that.
Page linked above refers to Youtube ToS that states:
You shall not download any Content unless you see a “download” or similar link displayed by YouTube on the Service for that Content.
YouTube partners may have access to this feature in their API (no idea i have never seen the api), if you have access to this i suggest you contact your manager directly they should be able to instruct you on how to access it assuming the feature exists.
I have Java based website. I would like users to log into my website and then upload videos to youtube using my youtube account. Users should not be required to have their own youtube account since videos will be uploaded using my youtube account.
Does youtube support this scenario?
If so, is there a sample code that shows me how to do this in Java?
I have used UploadVideo.java sample provided by google (https://developers.google.com/youtube/v3/code_samples/java#upload_a_video), but it requires users to log into youtube account using their id and password. That is not my use case.
Please study the terms and conditions of the Youtube service ; I think they do not allow this:
https://www.youtube.com/static?gl=GB&template=terms
YouTube accounts
4.1 In order to access some features of the Website or other elements of the Service, you will have to create a YouTube account. When
creating your account, you must provide accurate and complete
information. It is important that you must keep your YouTube account
password secure and confidential.
4.2 You must notify YouTube immediately of any breach of security or unauthorised use of your YouTube account that you become aware of.
4.3 You agree that you will be solely responsible (to YouTube, and to others) for all activity that occurs under your YouTube account.
and
5.1.L: you agree not to access Content or any reason other than your personal, non-commercial use solely as intended through and permitted
by the normal functionality of the Service, and solely for Streaming.
"Streaming" means a contemporaneous digital transmission of the
material by YouTube via the Internet to a user operated Internet
enabled device in such a manner that the data is intended for
real-time viewing and not intended to be downloaded (either
permanently or temporarily), copied, stored, or redistributed by the
user.
You can not let other people use your YouTube account/channel. The way to do is using YouTube Direct Lite
You basically add a ytdl with playlist tag while uploading videos.
You can check Android Client for how to do it in Java.
As to whether it is technically possible, yes, see https://developers.google.com/youtube/v3/guides/using_resumable_upload_protocol
The technical problem here is users will be able to delete videos too if they have your access token with full permissions. basically you need to:
load your html page with the upload interface.
add to the onclick event of the upload button to send an ajax request to a script on your server which will:
return the access token of your account to the client
soon thereafter change the access token using the refresh token
Its still technically vulnerable though. a possible solution is to obtain the access token ONLY with the scope:
https://www.googleapis.com/auth/youtube.upload
There is a very good chance it will not be vulnerable then. You should test it.
Currently I am using a modified script to upload videos. I have taken the following example as a basis:
https://github.com/youtube/api-samples/blob/master/php/resumable_upload.php
This script uses browser based oauth flow.
Could you please tell me if it is possible to allow other users to upload videos to my channel without making them the channel managers? So that they could use my auth token.
If yes - how can it be inplemented?
Yes, that is definitely possible. You need to design an application that is capable of the following:
Authenticate the channel the videos shall be uploaded to via OAuth. As DalmTo said, you need to save the tokens. Whoever has the tokens has access to the channel.
Since your application has access to the channel by now, it (and therefore you) can decide what to upload. That means that you are responsible for granting or denying a specific user the right to upload something.
In order to do so, you could again use OAuth or any other method you like (e.g. you can use your backend accounts).
In other words, a user has to identify towards your application. Your application can then decide to take the user's content and upload it to the channel.
Is there any way of using the YouTube API so that users can upload videos directly to my business YouTube channel? Users would grant permission to upload to my channel on the website. I want to avoid uploading to another server, then to YouTube if possible.
Thanks
You can use service account OAuth2 to authorize requests from your app on your behalf to a channel that your account is authorized to access/the owner of.
Create service account credentials: (documentation here)
and make sure the YouTube Data API v3 is enabled on your API
project (getting started guide here, if you're new to the API).
Use your service account OAuth credentials to call the upload API: (documentation here) use the auth in step 1 to upload the video your users share with you and specify your business YouTube channel ID in the video resource. Sample code in various languages here (just search for upload examples after you choose your preferred language).
Things to keep in mind:
If you enable uploads to your channel by end users but don't do any checking/validation there is potential for abuse
service account OAuth is valid for 1 year, so you'd need to refresh the service account credentials every year
It will look like these videos are being uploaded by your business channel and not other user's channels (because that's what's happening via the API).