I wanted to show GA data to each one client on my website. Each one of them has create own GA profile, I store in database profile_id.
Credentials to GA data are my personal, the same for all profiles, all profiles are in my account. For settings oAuth I used this article: http://www.sitepoint.com/google-analytics-api/.
Clients don´t know my credentials and I don´t want to create them permissions to see the stats. I need the only login into my website (login data are URL|password). After they logged into the client section, I select from database their profile ID and need to show them their stats (without showing Google login dialog). I´d like to pass my credentials directly somewhere in the PHP script.
So, question is:
Is possible to show GA data using oAuth directly without showing Google login dialog? To login in app´s backend?
Thanks.
Yes, if you do the OAuth 2 flow correctly, you will get an access token. Once you have that access token you can use it to query any Google Analytics view (previously called profile) to which you have access.
To do the query, simply append the access token as a query parameter when making your request to the Core Reporting API. This reference shows how to add the access token to the request:
https://developers.google.com/analytics/devguides/reporting/core/v3/reference#q_summary
If you don't want to build the charting yourself, you should also look into using the Embed API. You can use the Embed API's serverAuth option when authorizing to avoid having to have your users log in with their Google accounts:
https://developers.google.com/analytics/devguides/reporting/embed/v1/component-reference#auth
Related
Apologies if this is a newbie question but I'm hoping someone can offer some advice.
I am fulfilling my Google Assistant intents via an Express app. I would like for users of my action to be able to get and modify data from their Strava account. Strava supports Google Authentication and I wondered if I could use node libraries such as Passport (https://www.npmjs.com/package/passport-strava-oauth2) to allow users to sign in to their strava account so that my action can make calls for their data?
I have a welcome intent that gets some Google profile data so wondering if I can pass through some details from this response?
googleApp.intent('Default Welcome Intent', (conv) => {
conv.ask(new Permission({
context: 'Hi, can I get your details from your Google account?',
permissions: 'NAME'
}));
});
Yes, but probably not in the way you're looking at.
The Permission helper requests access to specific types of information - name and location. You're looking to establish more of an identity relationship (using their email address or Google account).
You can do this using Account Linking.
If you're sure you're using Google Sign In on the Strava side then things are even easier and you can take advantage of Google Sign In for Assistant. With this, once they sign in, your Action will get an Identity Token which you can use to get information including their Google ID and the email address associated with the signed-in Google account. They only need to sign-in once - afterwards, you'll be given an Identity Token whenever they connect.
If your Strava project and your Action are both using the same Google Cloud Project, things get even easier for your users. Once they have signed in on either client, they're signed in on the other one. So you'll know who they are immediately through the Identity Token.
I'm building an app that shows users people they might be interested in talking to. If a user says he's interested in a person I show them, I want my app to create this person as a contact in my user's SalesforceIQ.
How do I do this? I see from the API documentation https://api.salesforceiq.com/#/ruby#documentation_contacts_create-a-contact that I can create a contact if I know my user's username and password, but of course I don't want my users to give me this information. Is there some way for the user to OAuth or whatnot by clicking a button that authorizes me to add things to their SalesforceIQ?
The SalesforceIQ API uses HTTP Basic authentication and does not currently support OAuth according to their documentation.
For a SalesforceIQ user to grant API access to your app to create contacts and for other privileges, the SalesforceIQ admin creates an API Key and API Secret for your app which is then used for the HTTP Basic authentication username and password. This way no user needs to provide your app with their credentials. This is configured in the SalesforceIQ admin UI under Settings > Integrations > Create New Custom Integration.
For the admin to provide these credentials to your app, you can have a UI where the SalesforceIQ admin enters this for your app to store and use with the API for their account.
This is described in the following places, briefly in the API Reference and in detail in a Help Desk article with screenshots of what the SalesforceIQ admin needs to do:
API Reference: Requesting Access
API Reference: Security and Authentication
Help Article: Set up API access
I would like to know what access token I require to achieve the following.
My Meteor app crawls various RSS feeds and makes a daily digest. I would like to automatically tweet about the daily digest when it is created, using the app's Twitter account.
As I see, in the doc, it seems that I need to use application owner access token and create my app using the app's Twitter account. Is this a correct approach?
Yes, that's correct. It's quite simple too.
Go to Twitter Apps and login with your regular twitter account
assuming you have one, if not you need to create one.
Once signed in click on Create New App button.
Fill out the application (Name, description, and whatever else it requires).
Create your key and access tokens. Share those with users that you trust as they'll be used to access the twitter API to read/write information.
Give the application you created a "Read and Write" permission based on what you asked in the question.
Then depending on the software/language you use there's a plenty of existing packages that can help you access and obtain the information from the API.
Currently using the Provisioning API that is being depreciated April 20.
This is the current flow:
user (University Alumni) gets to our site http://alumni.columbia.edu/email
they click on Create My Account
they authenticate through our university WIND system using what we call their UNI
they land on a page mentioning that an email account UNI#caa.columbia.edu is ready to be created. They can pick an alias to UNI. They also need to enter a password to use the Chat and POP-mail features of Gmail.
they confirm the creation of the account. At this point the API is being called using https://www.google.com/a/feeds/, some data (email address, name, id) being saved in our database.
To log in, they come through our site, click on the login button, this will use the SSO and they get logged in.
Based on the flow above, do I need to use OAuth2.0?
Yes, you will need to authenticate with OAuth using the Installed Applications approach to do this. Instead of step 5 the way you currently have it, you'll need to call the API from a process on your server with an account that has (limited) admin credentials that can create the account with the Directory API. To do this, you'll need to persist the OAuth token information that the account will use to connect, and handle the code to refresh the token when it has expired.
The first time you run your code you'll need to manually authenticate that account to get your application the appropriate permissions so that they can be stored.
If you're hoping to not go too crazy with handling the authentication side of things and you're using .Net, I'd recommend checking out my project gShell that acts as a wrapper for the authentication and handles the token storing and refreshing for you. It's still a young project but it should fit your needs. Alternately, feel free to browse the code for an example on what to do.
If you plan on using Python, check out Google Apps Manager by jay0lee which is also a wonderful resource.
Is it possible to get Tweets/Facebook posts using the iOS Social Framework without using Facebook or Twitter accounts?
Not possible to query data without active account.
You can create new SLRequest, even set its parameters with valid FB access token but you will still need to associate the request with valid, accessible account.
See the example of the possible request here
For FB queries, You can use the FB SDK to perform the queries without active user login using access token generated for your facebook app, I can explain more about it if needed.