Something that confuses me is this found on the Google Developer Console documentation regarding Setting up OAuth2.0
Setting up OAuth 2.0
To use OAuth 2.0 in your application, you need an OAuth 2.0 client ID,
which your application uses when requesting an OAuth 2.0 access token.
When you register an application in the Google Developers Console, you
can generate an OAuth 2.0 client ID.
To find your application's client ID and client secret, and set a
redirect URI, expand the OAuth 2.0 Client ID section.
To deactivate the client ID, delete the application from the
Developers Console.
How do you "expand the OAuth 2.0 Client ID section" ? Here is a screenshot of this screen:
UPDATE:
Screen shot from "original" developer console interface:
The terminology used is for the original Developer Console, whereas you have been redirected to the new Cloud Console. Personally I find the original more robust so I tend to use that. Look at the bottom of teh page and you'll see a grey link "Return to Original"
Related
I'm trying to create a web server that allow users to oauth their IB accounts. To obtain a request token, you first need to get a consumer key. I tried to follow their instruction, but there is no details on how to make a call to get the consumer_key.
What exactly should the endpoint be? Is it a POST or GET call? how do params / body looks like?
Even though you registered your consumer_key in InteractiveBroker settings page, OAuth flow for the consumer_key will not be worked because IB Web API OAuth flow is not ready to work.
Their customer service doesn't have the ability to solve the problem because the OAuth flow should be ready by the developers for IB Service Provider.
All of documents for the OAuth flow of InteractiveBroker is not correct and the customer service said they don't know about the issues.
It will be the losing of the time if you are going to solve the problem for OAuth flow of InteractiveBroker.
InteractiveBroker Web API is not ready yet.
Don't lose your time.
The answer from Daniel is still right (it just doesn't work) there are however a few projects that can alleviate the pain:
https://github.com/Cloudmative/cp-webapi-gateway
https://github.com/Voyz/ibeam
Both of them require to run a docker service that will do the authentication and proxy the requests to IB gateway service.
You can avoid 2FA if you create an additional user to access your account.
I'm getting 501 HTTP error, it seems that OAuth is not ready yet for InteractiveBrokers developers:
Direct link to the OAuth configuration: https://www.interactivebrokers.co.uk/oauth
There is no API call to get the consumer_key. There is an OAuth settings page (best I know there is no direct link to it) in the IB web portal that lets you
enable OAuth access
upload the public Signing/Encryption keys and the DH param files
set your own consumer_key
Edit: here is the direct link to the OAuth settings page
If your talking about the web trading API you have to submit several things to IB in order to get your application registered. Onboarding instructions can be found in their OAuth document at: https://www.interactivebrokers.com/webtradingapi/oauth.pdf
can any one please suggest how do i test oauth2.0 by using Apigee edge management Trace tool or web browser. I do not have access to post man rest client or curl.
kindly help.
You can go to http://apigee.com/console.
Apigee console works as a Oauth 2 client as well.
To make it work against your APIs, you need to sign in. After you sign in to the console, you see a "Create your own API Console" link at the top right corner of the screen.
Once you are done defining the client with client_id, secret, redirect url etc. you can launch your version of apigee console and test Oauth 2.0 compliant APIs.
So I know it is bad to store the client_secret in a client side app (in my case a mobile app); however, the below link is the only link which describes how to use your refresh token for Google OAuth 2.0 and it requires the client_secret.
https://developers.google.com/accounts/docs/OAuth2Login#refresh-tokens
My question: Is it possible to use Google OAuth 2.0 in a client side app without using/storing the client_secret? I know that Windows Live Connect's flavor of OAuth 2.0 allows you to refresh your token without specifying the client_secret, but I have not yet discovered a way to do this with Google's API.
Any thoughts?
There is a separate workflow for using OAuth2 on installed applications or devices.
See link below to relevant google documentation
Using OAuth 2.0 for Devices
Hello kind people of the internet.
Does Google OAuth2.0 support an OAuth-flow for a Resource Owner Password Credential Flow?
...and if so, then:
A.) can this type of OAuth flow be tested on the Google OAuth2 Playground?
B.) are there any examples of the "Resource Owner Password Credential Flow" with Google OAuth2.0 and the Google APIs?
Per an OAuth presentation recently in Oslo NDC 2013, this subject flow apparently skips the authorization end point all together and directly talks to the token end point of the OAuth2 server. The request syntax incantation would supposedly look something like this:
grant_type=password&
scope=resource&
user_name=owner&
password=password&
My understanding is the Resource Owner Password Credential Flow is for trusted applications in a back-end enterprise type of situations (where a name-password pair could be securely stored).
This particular OAuth flow would require no end-user consent interaction (no pop-up of a browser to Accept, then get a returned authorization-code, etc). In this subject flow the access & refresh token are directly returned, again: with no end-user interaction (albeit after an entry of a username-password).
Looking through the Google OAuth documentation ( link to Google OAuth2 docs ) there does not seem to be any mention of anything resembling Resource Password Credential Flow, but not sure that necessarily means it is explicitly not supported by Google.
Any help or advice would be much appreciated.
thanks in advance
Dear kind internet person,
it is true that Resource Owner Password Credential Flow is not supported on Google but google suggests you use the Installed Application Flow, which is described in: https://developers.google.com/accounts/docs/OAuth2InstalledApp.
You would need to create an Installed Application in the Google Console (https://code.google.com/apis/console), when you do that you can fetch the client_id and build a GET request with the parameters, which would look like so:
https://accounts.google.com/o/oauth2/auth\?
scope\=<scope>\&
redirect_uri\=urn:ietf:wg:oauth:2.0:oob\&
response_type\=code\&
client_id\=<client_id fetched from google console>
You would construct this URL and navigate to it on your browser, allow access for the app and google would give you what I believe is a code which you can use to get credentials. You can use those credentials to get an access token and refresh it, and this credentials is permanent. There's a good example of that on github. Note that you only need to get those credentials manually once, and then you save those credentials somewhere and keep using them to get/refresh tokens.
Hope this helps!
As far as I know, No. The OAuth 2.0 stuff is for Google accounts, for which Google does authentication.
I have been playing with the new Admin SDK in conjunction with the "upgraded authorisation experience" and wondered if someone has and experience/examples on how to use it. From what I have read, if you upgrade the authorisation experience you shouldn't need to use OAuth 2.0 and get a client ID and secret from the API console.
When you upgrade the authorisation, the API console entry is automatically created so you just have to turn on Admin SDK. Your app should then run simply using your own admin credentials.
Have I misunderstood this and if so, what is the benefit of the new authorisation experience?
I can use the Admin SDK just fine if I create a client ID and secret in the API console but this is using OAuth 2.0 then.
If someone has an example of how to use the admin sdk with OAuth 1.0 i could have a look at it would be much appreciated.
You will still need get your tokens and API key...
Take from the Directory API documentation:
If your application has certain unusual authorization requirements, such as logging in at the same time as requesting data access (hybrid) or domain-wide delegation of authority (2LO), then you cannot currently use OAuth 2.0 tokens. In such cases, you must instead use OAuth 1.0 tokens and an API key. You can find your application's API key in the Google APIs Console, in the Simple API Access section of the API Access pane.
If you are looking for an oAuth2 example with GAS, Arun has a nice example he posted on GitHub, see the SO posting: How to authorize with oauth 2.0 from appscript to Google APIs?
Sorry, I don't have any oAuth1 example to interface with the new APIs.