I have published an Android app that can use Onedrive amongst other cloud providers. Is there any way to find out how many users have connected my app to Onedrive and how many (REST) API calls my app is making on the users' behalf? FWIW: "View usage statistics" in the Microsoft Account Developer Center has never worked, always failing with "Sorry, something went wrong".
Related
My captive portal allows my guest wifi to use their Google auth credentials in order to allow access to my wifi.
The portal triggers an OAuth 2.0 with Google service and get back the user profile.
Google decided to stop supporting OAuth 2.0 in Embedded browser on April 22nd 2017.
https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html
As far as I know, there is no way to force IOS or Android devices to start a real browser during the captive portal detection process.
I have sent emails to both oauth-help#google.com and oauth-feedback#google.com. It's been a month and no response.
I get the feeling that these mailboxes are not monitored.
Did anyone get any alternative method?
In our SAAS application, we decided to use Google Sheets API, to generate docs and to give permission for editing documents online in Google Docs web and mobile application.
Here, do we need all of our customers have to be Google Accounts? Is there a better way to create users at the backend of our customers to connect directly from our app?
Unless you're using a service account (which isn't ideal for scaling apps), you ought to use google login, which requires a google account.
Google Drive API question,
I am writing an application that can view a users' Google Drive files and folders from their google account (can be individual or part of an enterprise).
So on my Google Drive enterprise, I have created an API application. So I have an API key and Secret key stored in my application.
Now I want to use OAuth to authenticate the user so that they can approve my application to read their files. The users will not be part of my enterprise. They can be individual Google accounts, or they can be a single user from an some other enterprise account.
Is this possible? Or are there technical/security reasons this is not allowed?
I just got off the phone with wonderful Google api support agent, and I have my answer:
Yes this is possible to do. however due to the recent phishing attack, Google has put in place new security features that affect the following APIs:
Google drive
Gmail
Contacts
Directory Admin SDK
Here are the new rules:
There is a new security form we will need to fill out and be approved before we will be able to be approved as a trusted app that is able to access these api's using OAuth2 authentication.
Google has provided a feature that many enterprises use that allows an enterprise to completely disable the ability to access these api's using oauth2. So even though we have been approved from step1, we may still get an error for some enterprises who have directly blocked this; however, they can white list us in order to allow it from our enterprise if admin's prefer, while still blocking general use for others.
See links:
https://support.google.com/a/answer/7281227
https://developers.google.com/drive/v3/web/about-auth
https://developers.google.com/identity/protocols/OAuth2
https://www.reddit.com/r/google/comments/692cr4/new_google_docs_phishing_scam_almost_undetectable/
I'm just getting started porting my old code over to the new google apps json service but I'm not clear on the oauth.
I'm looking at:
https://developers.google.com/admin-sdk/directory/v1/guides/prerequisites
It says:
"Set up a new project in the Google APIs Console and activate Admin SDK service for this project. See the Google APIs Console Help in the upper right corner of the Console page for more information about creating your API project. "
My product gets installed at each client location. Do I create the app using my key then distribute this to my customers or do I use their key in my app that runs at their site? Do I also need to enable the admin SDK in addition to enabling API access?
Do I create the app using my key then distribute this to my customers or do I use their key in my app that runs at their site?
Do they have access to the source code? If true then it will be known to them.
Whether it is your key (an API project owner by you) or theirs depends on the kind of software you offer (tailored or common service (webapp?)) and who will be responsible of the quotas, billing (if needed) and maintenance.
Do I also need to enable the admin SDK in addition to enabling API access?
Yes.
FYI:
API projects can hold up to 20 accounts
Users can own several projects (don't know how many)
Projects can be shared with other users or Groups
I come in order to have some information about Google API and particularly the authentication "Service account"
I have the same problem that this guy is having, and although that concerns another API, he explains the problem very well.
For a few days now I have already read some articles:
Google dev
DrEdit for .Net
C# sample
I have already registered for a Google API account and I am using the Client Key and Secret that was provided to me. I then downloaded the following libraries:
google-api-dotnet-client-1.2.4737-beta.source.zip
youtube-api-samples
google-youtube-v3-rev35-csharp-1.2.0-beta
Nothing has helped me so far...
I would like to know if Picasa web and the Youtube API v2 or v3 can use oAuth2.0 Service account as I am not able to find anything about that. I am currently using Picasa Web oAuthv1.0 and I found it really easy to use but I would like to migrate to Google Youtube API v3/Picasa web API.
The basic workflow idea:
Private Pictures and videos are created specifically for a web site.
Users will log into the site (it isn't a Google users) and see pictures and videos -> All users that successfully log into the site have access to all youtube videos and picasa pictures and this medias are private in Google
The only example I've found anywhere that shows how to use authentication was in a ASP.NET MVC project that unfortunately requires user interaction and i don't want that.
Can someone please me on this? Does anyone has a piece of code written in Javascript or C# for connecting to the API with Service account or is it better for now to authenticate with oAuthv1.0? Any help will be highly appreciated!!
Take a look in Which Google APIs can be accessed with service account authorization? it contains a list of all APIs which support service account.
As far as I know, Picasa and Youtube don't support service account.
Based on the article posted by peleyal, it is my intepretation that YouTube should support the service account. In the answer on the related article, it states "All Google APIs that supports OAuth 2.0 should work with Service Accounts".
Assuming YouTube is a Google API, it also should work.
I'm not 100% confident in that answer unfortunately, because I have seen documentation elsewhere that says Service Accounts: "Several Google APIs act on behalf of an application and do not access user information." https://developers.google.com/accounts/docs/OAuth2#serviceaccount
Does accessing the YouTube APIs constitute "user information"? The answer to that question is the reason I'm not 100% confident without trying it. An expensive time proposition.