How long can a developer store permission-based user data (email, contacts)? I'm unable to find specific documentation on this.
Related
What I'm trying to do is, establishing a link between a user 1 and my website and their Google Calendar account.
As soon as another user 2 accept's user 1's request it should automatically sync user 2's birthday to user 1's Google Calendar and user 1's birthday to user 2's Calendar.
How can I make this possible with Google Calendar API ?
What you need to remember is that Google Calendar data is private user data. In order to access private user data like a users Google Calendar account you need the users permission. To do that we use Oauth2.
Both user one and user two will need to authencate your application and grant your application consent to write to their google calendar.
When you create your application, you register it using the Google API Console. Google then provides information you'll need later, such as a client ID and a client secret.
Activate the Google Calendar API in the Google API Console. (If the API isn't listed in the API Console, then skip this step.)
When your application needs access to user data, it asks Google for a particular scope of access.
Google displays a consent screen to the user, asking them to authorize your application to request some of their data.
If the user approves, then Google gives your application a short-lived access token.
Your application requests user data, attaching the access token to the request.
If Google determines that your request and the token are valid, it returns the requested data.
read more here
Im building an application based in Ruby-On-Rails that facilitate users to obtain their information from different websites into one centralized dashboard. To do that, at the beginning the app asks for their login information (user+password) of every website.
Because we are working with sensitive information we have to save the users data encrypted in our database. Afterwards, to login into the users account, we decrypt the password in the database and login to the webpage using his/her info.
We want to avoid to see the user private information at any moment during the web-scraping.Is there a way to use their information to login into their account and obtain the data that they are looking for, avoiding any chance for us to see their private information ?
Goal: save data from application to Google Drive - there is separated google account that represents the app and I want data to be saved there, not in user's drives
Question: How to create permanent token for my app that can work w/o additional autentification?
If I understand the api correctly you create token and it can expire after 25 refreshs. That would cause the app to stop working and someone with access to google account of the application would have to reauthorize it.
The answer is to create
service account.
I am using google's oauth2 to allow users to register/login into my site (php library). The first time a user attempts to login I get the user's email address and google+ id which are provided by the Google OAuth2 API (with the user's permission).
In a different part of the site I need some information from the user's youtube channel. I am using the incremental authorization to get the extra permissions as it is recommended (and described here: https://developers.google.com/identity/protocols/OAuth2WebServer#incrementalAuth ).
The problem is that I don't have a unique identifier for the user between the calls, in order to keep track of him/her in my side of the application. A user, for example might have multiple youtube channels and each one can be associated with a different google+ account/id and a different email address, which most of the time is not a real address but a provided email with the format 'username-XXXX#plus.google.com'.
I was wondering if google's apis can return a unique identifier for the 'parent' account of a user across different apis.
Thanks in advance.
How long can a developer store permission-based user Instagram data (username, friends, photos)? I'm unable to find specific documentation on this.
The API Terms of Use are a little ambiguous on this. Section 1.2
You shall not:
Cache or store any User Content other than for reasonable periods in order to provide the service you are providing to Instagram users.
Your guess is as good as mine really