I have a web application backend for my clients web site. Authorised staff can log in to the backend and view data.
I want to pull some data from Google Analytics to be viewed in the backend, but GA seems to insist that the user is logged in to their Google account themselves using OAuth2
I want to be able to authenticate the server not the user. They already have permission and it seems unnecessary and possibly intrusive to ask them to link their Google accounts to the GA account and possibly even have to create one first.
The server already has to supply a client id, client secret and an api key, so it's not as if there isn't already an authenticated connection.
I'm guessing that there must be a way to pass the Google Analytics account credentials to OAuth2 somehow but I am not that familiar with OAuth2
Is this possible and how would it be done. A simple example or a nudge in the right direction would be appreciated
There are similar questions around but the ones I have found do not answer my question in the way I need.
Yes you need to store the authentication, but you may be able to use Google Analytics Super Proxy for your needs. At the very least you can see its code on how it stores the authentication.
You authenticate once, input the data you need scheduled from the GA Reporting API, then take the data feed and use it to build charts in your intranet. Any user can view those charts without needing to login to GA themselves.
Related
Really straightforward question. Is there a way to use the Service Account credentials to gain access to a particular Google My Business location Reviews?
(Some context, I'm not pulling from an unowned business. I have access to the information and we're an authorized user. Essentially we are the business owners or agency)
https://developers.google.com/my-business/
For broader context, we came across this issue:
How do I authorise an app (web or installed) without user intervention?
... and we want to automate the acquisition of reviews for a client who wants to have access to their reviews. However, we need to manually get the refresh token...
Steps 11 and 12 are as such...
Click Step 2 and "Exchange authorization code for tokens"
Copy the returned Refresh token and paste it into your app, source code or in to some form of storage from where your app can retrieve it.
We would ideally like to automate this side of the process. Is this feasible using the Service Account and a Restful Endpoint or a library provided by the Nuget Package?
I wrote this same question to #Linkedin support service and I was redirected to this link where they indicate to ask questions in Stackoverflow.
We are developing a mobile App for the Polytechnic University of Madrid and we plan to expand to other Universities in the future. This aplication will need in a first instance OAuth via Linkedin. It will also need to allow the authenticated user to send connection invitations to other users contained in a list. For creating that list of users, it will be useful if the admin of the system could search in a bar similar to the one which Linkedin has, write a user name and select it, retrieving its user ID or what is needed to identify the invitation destination.
Summing up, the App needs:
OAuth API
Connection request API
User search API
I have read on the web that some of Linkedin's APIs suffered some modifications in which most of them where limited to allowed users or apps. So the aim of this post is knowing:
Do the APIs my mobile application needs exist?
What do I need to do to obtain the access to those APIs in case they exist?
User search API
For this feature you could use something like Algolia Instant Search
LinkedIn has changed many things related to user data. If you need access to its data then you must follow the given guidelines.
Basically you have to create a LinkedIn App and then the users have to grant permissions to your app by installing it in their device(s) and then only you can collect their data.
I'm having trouble deciding on / understanding which method of authentication would be best in the following situation:
I have 3 separate "clients". A website, mobile app and browser extension.
Users information and data is stored in a database.
The 3 clients will access the data via an API.
What I am trying to get my head around is how users of the system would login via one of the three clients and authenticate with the API so they can then proceed to get and post data to the API.
I do not require 3rd party applications to access the API. Users can only access it by logging into the clients I provide. For this reason am I right in thinking that OAuth1/2 would be over kill?
I have attached an image which details how I envision the system.
An additional question:
Where is it in the system the authentication comes in? Would I authenticate within the API? So the user uses a form on one of the three clients to send a password. The API then returns a "what" if they provide valid credentials?
I want to build a dashboard to my clients access your respective website analytics. But, after some research, I'm stuck.
Let's imagine the scenario:
My Analytics Account:
Client X - websitex.com
Client Y - websitey.com
In my dashboard, when the cliente Y log in, the data (pageviews) of websitey.com is shown on graphics.
But, there's a way to do that? By the moment, the only thing i got is retrieve information for my logged account (my analytics ID), not the information about another account.
There's a way to use the Google API, or, I'll have a "separate database" to save data each website?
Sorry, I'm really lost at the moment.
You can only view Google Analytics Accounts that you are authorized to view. For some reason this is a source of major confusion (seeing that your are not the first to ask), although it should be fairly self-evident.
If you want to see data from your clients account you have to ask your client to add your Google email to the GA account. If an email address is added to multiple accounts you can, via the API, choose between the accounts. Clientside authorization (OAuth2) will only work as long as somebody is logged in via a client application (usually a browser). The practial effect is that everybody who is authenticated via OAuth against Google will see only his own GA accounts, not other peoples data.
If you want a serverside application to pull data from various GA accounts you need a service account. But even the service account needs to be added to the GA accounts.
You can use the core reporting API, but the API will not give you access to accounts that you are not authorized to look at; your client needs to authorize you (or your applications service account).
Can I use Adwords API developer token for multiple applications? In more detail, say if I have a website where I am using adwords API developer token, Can I use the same token for another application. Ofcourse both applications accessing the same account after all.
Thanks,
Murali.
You can use the AdWords API across different applications with just one API token, just make sure though that you are caching the authentication response and re-using those tokens otherwise you'll hit the throttle limit. (Incidentally, logging in is possibly the slowest part of their API, so caching the response will speed up your application considerably)
No doubt you can use same development token for your multiple applications which are accessing same account. If your applications will access different account then it needs to get different developer token.
For the reference, you can read http://goo.gl/zLBPF
Hope it will help you.
Murali,
You need just one developer token, whether your application(s) access same account or different accounts (whether linked under the same MCC hierarchy or not). As a matter of fact, AdWords API Terms and Conditions explicitly prohibits you from getting more than one developer token.
If you use a developer token to make calls, you will be charged for API cost to the account holding the developer token. This is another reason why you should treat your developer token as a password and should reset it immediately if you expose it to the public by say, posting it publicly on a forum.
I also wish to point out that the official AdWords API forum is http://groups.google.com/group/adwords-api, you can ask your questions there and someone will answer your questions in a day or two.
Cheers,
Anash
Yes, Adwords even has channels that you can create to separate your ad campaigns
Adword Docs - Campaigns