I have few questions about the Android GCM
What is the use of Project ID/Sender ID in GCM.
Can i use the same project id for any number of server side apps with different application server code( Like one for giving Live scores, one for news app)
Why Google account is required?? How Google account is used in push notification.is it for authentication?
You have to provide sender ID when you register your app/device for GCM. The RegID that you get back is associated with the sender, somewhere deep in Google's data. So that when the server pushes messages, Google's system can track back their authentication to the sender, and make sure that the app and the server really belong to the same entity.
Sure. Just reuse the authentication header.
You need a Google account to get access to the Google API console. Google needs a way to identify and authenticate you, an account owner, so that other people cannot play with your GCM settings.
EDIT: this is not official, but they claim the phone needs a Google account associated with it because GCM uses GTalk internally.
Related
I am looking to implement a hangouts chat bot for my customers. I am fairly new to the Google ecosystem, so I apologize in advance if some of this is obvious.
Here is my basic confusion:
It looks like in order to access the REST api the chat api requires a service account.
Does this mean that I will have to ask every customer to create a service account using their Google cloud account?
Corollary to the above is: Does every GSuite account have a Google cloud platform account associated with it?
If the service account has to be created, would the customer somehow need to share the private key for that account with me in order for my application to make calls on behalf of the service account.
My end goal is to give my customers a seamless experience where they can choose to
Install my bot in the Google Chat app for their GSuite domain
At the time of install get some information about their domain
Whenever a message is sent to the bot (DM or Room), identify who the message is coming for and in which GSuite domain, and reply accordingly.
Is this possible? Am I missing some very obvious Google concepts?
Thanks in advance.
If your customers have a normal email they can't connect with you. For more information refer this link
Considerations
The service account is used from your bot to access the Google REST APIs. It has a service account for your Google Cloud Project. There is no need for every user to have an service account enabled nor for them to give your their private key (never share private keys).
Approach
You can build and deploy Google Chat Bots directly using Google Apps Script. For your application I suggest you to use the tutorial in this page: https://developers.google.com/hangouts/chat/quickstart/apps-script-bot
Reference
Creating new Bots
Today I received an email with the above as subject and this in the body :
Dear Android developer,
To keep your access to Google APIs, review the OAuth client used by your Android application by September 30, 2019.
Google requires developers to register all Android apps that request Google Account data and interact with Google APIs. The following Android package name you maintain may require the registration of an OAuth client:
com.myappname (not my real app name)
To register an OAuth client, make sure to either:
Have an existing project on Google Cloud Platform for the app you publish.
Create a new project and configure it correctly.
For the app, make sure there’s an Android OAuth client for the package name and SHA-1 signing-certificate fingerprint. If your app uses certain sensitive or restricted scopes, you’ll also need to submit your app for verification.
Apps without a properly registered OAuth client may not get Google Account or API data after September 30, 2019.
Thanks,
Google API team
I have a GCP project that has 2 OAuth 2.0 client IDs with the package name for this Android app (one Debug, one Release) and SHA1 fingerprint. Google login has been working for years with no issue. App is also verified (though we don't use any sensitive scopes). Anybody received a similar email or know what possibly might be missing?
This is neither a misfire or a threat. It's more of a reminder than anything else. All people who interact with Google User data get this email, and the point of this is to simply tell people "Hey, if you need to, register an OAuth client, do it by September 30th.". This is explicitly clear on the wording of the email. You can see here:
The following Android package name you maintain may require the registration of an OAuth client
The keyword being "may". Since, from what you've posted, you already registered your client, you should be good to go. Everything beyond this:
com.myappname (not my real app name)
Is nothing more than instructions on how to register your client. Everything above it is warning, that if you haven't, register your client. It's saying that it's possible that you haven't registered your client, so make sure you have.
Long story short, if you registered your client, you're good to go.
I want to collaborate with a few people on an application that were creating which relies on the spotify API. I registered the application with my spotify account. Does this mean that all the collaborators can use my client secret and ID? Or do each of them need to individually register the application with their spotify account and use their client id and secret when working on the application?
First: I am not a lawyer.
You should take a look into the Spotify Developer Terms of Service you agreed while creating your developer account: https://developer.spotify.com/terms/
There is this section VI (Access to Spotify Platform):
Security Codes
a. As described on our developer site, to access and use certain
tools provided by our Spotify Platform, you must link your Spotify
account to a developer account. You will be issued one or more unique
I.D.s, keys, passwords, security codes, or tokens (each a “Security
Code”) for accessing the Spotify Platform and managing your account.
You agree to provide Spotify with accurate, complete and updated
registration information.
b. You may only access your account with the Security Codes
provided by Spotify and the appropriate Security Code must be embedded
in your SDA, including in all updates and revisions, in a secure
manner not accessible by third parties. If you are developing a
Streaming SDA, each call to the Spotify Platform must incorporate a
valid Security Code.
c. You may not sell, transfer, sublicense or otherwise disclose
your account or Security Codes to any other party or use it for any
other purpose except in connection with your SDA.
d. You are entirely responsible for maintaining the confidentiality
of your account and Security Codes. You agree to notify Spotify
immediately if you believe that your account or Security Codes have
been compromised and cooperate with Spotify in the investigation of
any compromised Security Codes. You are fully responsible for all
activities that occur using your account and Security Codes,
regardless of whether such activities are undertaken by you or a third
party.
Definition of SDA:
Spotify Developer Application or SDA. “Spotify Developer Application”
or “SDA” means any application, website or service that accesses the
Spotify Service or Spotify Content through, or which incorporates, the
Spotify Platform. Please note that Widgets are not included in the
definition of an SDA.
I assume your collaborators are not classified as "third party". But let them register their own Spotify Developer Application for testing purposes, if you do not trust them since you are entirely responsible for what they could do with those keys.
I am building an app that integrates nicely with Sonos speakers.
I would like to provide the user the ability to select the container (playlist/stations/...leafs of the tree here) of the music service provider. Say Amazon or Spotify...
I managed to understand the vast majority of the SOAP calls however, I could not figure out how to query the user's selected service (devicelink) and provide the same list that the Sonos controller show.
How do I do that?
thanks!
This is not currently supported by the Sonos APIs and many music services take steps to ensure that only Sonos controllers can browse their catalog.
Sonos decided that access to music services should no longer be allowed by third-party-apps some time ago.
I figured out how it works and made a complete walkthrough here, https://Sonos.svrooij.io/music-services.html
It makes a second connection to the specific music service, just for browsing the catalog.
get some data from the Sonos device
Request an auth code for the service
Let the user login
If the user responded, request an access token and a refresh token.
Save these tokens in your Sonos system (optional)
Use the tokens to talk to the music service
Save and use the new access token if it is expired (optional)
You can also use my sonos-ts library, which has support for music services that require authentication.
I have a site that I have tagged using Google Analytics. I can see that the stats are being created and I can analyse them using Google Analytics web tool.
I want to extract my tagging data using the Google Analytics API but all the instructions seem to point me towards the developers console to create my OAuth2 token. My site does not appear in the list of apps that is presented, so I can't do the next step of generating my OAuth2 token.
I feel like I must be missing something obvious, but I am hitting brick wall at the moment. How do I get the site to appear so I can see it in the developers console?
The Google Developer console is for registering your application, this way google knows who is using there APIs. Your Google analytics account wont show up here because well that's not how it works.
Create a new project you will get a client_id and client secrete that are used to identify your application. Then you use a programming language to access the API using the client id and client secret.
I am not a java programmer so i cant help you with that. You mentioned that you want to access your own data. I recommend you look in to using a service account. A service account can be used to grant authentication without having to prompt a user for access. This only works when it is your own account you are accessing and the data doesn't belong to another user. Take the service account email address and add it as a user in google analytics at the ACCOUNT level it must be the Account level. then when you use the service account in your code you will have access.
https://developers.google.com/analytics/devguides/reporting/core/v3/quickstart/service-java