We're planning on using the YouTube API Data V3 to allow users to upload videos to our channel via PHP. My question is, what are the correct steps in allowing the video to be uploaded on a server, to our Channel? I though that is where the Server or possibly Browser key would come into play?
Currently, I'm able to upload the video, but after the user signs in, it get's uploaded to their Channel. Do we need to store the access token generated by account that we want all the videos to be uploaded to?
You can actually save the refresh token once the account of your server signs in and reuse it in your code, rather than signing in a user every time.
You can do so by getting a refresh token from OAuth2 Playground and setting it in your youtube object.
Here it explains a little more.
And a step by step video.
Related
When using YouTube Data API, then do we need to check quota before uploading the video. What I am doing, after authentication and exchanging the token, I am saving access_token, refresh_token and expires_in.
Then with the help of access_token I am able to upload video. But just wanted to know do I need to check any quota usage beforehand.
Uploads a video to YouTube
One important thing: Logged in user (narendardiscover#gmail) will be uploading the video after giving access to MyApp2018. Please see the attached image. So video will be uploaded on narendardiscover youtube account. So do I need to check any quota of narendardiscovoer.
Quota is tracked for a Google Cloud Console Project (in your case this is "MyApp2018"). The YouTube Data API does not differentiate between channels, so regardless which of your end users wants to upload a video through your app, the API operation will always be added to your application's quota.
I have an app on the server, I need to upload some videos to one (only 1) youtube account, but without user/browser/client's interaction (I don't want an OpenID/OAuth to be shown), how can I achieve this?
I've googled, but all I ever found is always requires user interaction.
It sounds like you want to OAuth into one account (your own) to enable uploads without requiring user input. If so, you can create OAuth credentials on the Google API Console Credentials page (which I believe is the page in your screenshot) by choosing Create credentials > OAuth client ID > Web application > Create.
Once you have the client ID and client secret, you can use the process described here to generate an access and refresh token, and use these in your server code when making the API upload request.
On a side note, if you are collecting video submissions from users, YouTube recommends you have users upload to their own accounts, for a variety of reasons. See this blog post for details; in particular:
One crucial consideration is which account the videos will be uploaded
to on YouTube. It’s tempting to design a system in which all videos
are uploaded to a single “master” YouTube account, but this is always
the wrong approach. While using a master account means that each
uploader doesn’t need to register for their own YouTube account, a
high rate of uploads into a single YouTube account is a good way to
run afoul of the YouTube API’s quota system. Additionally, each
uploader to YouTube agrees to YouTube’s Terms of Service, which says
that they have the right to upload that content, and that the content
does not violate our Community Guidelines. By taking responsibility
for other users’ content, you are essentially putting your own account
and YouTube standing at risk.
I have Java based website. I would like users to log into my website and then upload videos to youtube using my youtube account. Users should not be required to have their own youtube account since videos will be uploaded using my youtube account.
Does youtube support this scenario?
If so, is there a sample code that shows me how to do this in Java?
I have used UploadVideo.java sample provided by google (https://developers.google.com/youtube/v3/code_samples/java#upload_a_video), but it requires users to log into youtube account using their id and password. That is not my use case.
Please study the terms and conditions of the Youtube service ; I think they do not allow this:
https://www.youtube.com/static?gl=GB&template=terms
YouTube accounts
4.1 In order to access some features of the Website or other elements of the Service, you will have to create a YouTube account. When
creating your account, you must provide accurate and complete
information. It is important that you must keep your YouTube account
password secure and confidential.
4.2 You must notify YouTube immediately of any breach of security or unauthorised use of your YouTube account that you become aware of.
4.3 You agree that you will be solely responsible (to YouTube, and to others) for all activity that occurs under your YouTube account.
and
5.1.L: you agree not to access Content or any reason other than your personal, non-commercial use solely as intended through and permitted
by the normal functionality of the Service, and solely for Streaming.
"Streaming" means a contemporaneous digital transmission of the
material by YouTube via the Internet to a user operated Internet
enabled device in such a manner that the data is intended for
real-time viewing and not intended to be downloaded (either
permanently or temporarily), copied, stored, or redistributed by the
user.
You can not let other people use your YouTube account/channel. The way to do is using YouTube Direct Lite
You basically add a ytdl with playlist tag while uploading videos.
You can check Android Client for how to do it in Java.
As to whether it is technically possible, yes, see https://developers.google.com/youtube/v3/guides/using_resumable_upload_protocol
The technical problem here is users will be able to delete videos too if they have your access token with full permissions. basically you need to:
load your html page with the upload interface.
add to the onclick event of the upload button to send an ajax request to a script on your server which will:
return the access token of your account to the client
soon thereafter change the access token using the refresh token
Its still technically vulnerable though. a possible solution is to obtain the access token ONLY with the scope:
https://www.googleapis.com/auth/youtube.upload
There is a very good chance it will not be vulnerable then. You should test it.
Currently I am using a modified script to upload videos. I have taken the following example as a basis:
https://github.com/youtube/api-samples/blob/master/php/resumable_upload.php
This script uses browser based oauth flow.
Could you please tell me if it is possible to allow other users to upload videos to my channel without making them the channel managers? So that they could use my auth token.
If yes - how can it be inplemented?
Yes, that is definitely possible. You need to design an application that is capable of the following:
Authenticate the channel the videos shall be uploaded to via OAuth. As DalmTo said, you need to save the tokens. Whoever has the tokens has access to the channel.
Since your application has access to the channel by now, it (and therefore you) can decide what to upload. That means that you are responsible for granting or denying a specific user the right to upload something.
In order to do so, you could again use OAuth or any other method you like (e.g. you can use your backend accounts).
In other words, a user has to identify towards your application. Your application can then decide to take the user's content and upload it to the channel.
I have completed uploading videos to YouTube from my website, that's for particular user account only (means all videos uploaded to single user account). Now I want that user come to my site enter their YouTube username and password and selected video will be upload to their account.
Till now what i have done is i have uploaded videos to my own account with my developer key. But now i want that if any user uploads video to YouTube then it uploads to his/her account. I am not able to find out the way because it may possible that they don't have developer key which is required to upload. So i need help in this.
I have seen API but I am not able to work out help for this. Anyone can help me in this?
Thanks!
You need to use the OAuth 2.0 API documented here: https://developers.google.com/youtube/2.0/developers_guide_protocol_oauth2 to obtain the credentials you need.
Using the credentials you create a link to Google's authorization service which your customers follow. On that page they can either allow, or deny, access to their YouTube account to your service. Assuming permission is granted, the service will redirect to the "callback" location URL you provided along with a pair of access tokens. You can then use these tokens to upload videos to YouTube and the videos will appear in the customer's account as they they had uploaded them.
It would be helpful if you could be more specific about what you are asking.
This is the youtube API for uploading videos:
http://code.google.com/apis/youtube/2.0/developers_guide_protocol_uploading_videos.html