I am trying to call some endpoints on google cloud build but I just get 401 and I am wondering how to fix this? In the end, I want to curl but if the website is not working, there is truly something wrong! Here is the picture
Only a group of API services/products on Google Cloud Platform support API keys without more authentication methods (OAuth). You can find these specific services here. In the same page that you posted, if you go down on the documentation there should be a "Authorization Scopes" section listing the required OAuth scopes that the API requires, if so, it means OAuth is needed in order to use the service.
I look at the Cloud Build Rest Api Doc and indeed I can see OAuth is required, in addition to not being listed here. You need to implement OAuth for this specific Service (Cloud Build API).
Related
I have added these 2 identity providers (refer attached images) to Google Cloud -->Identity Platform
Email/Password
OIDC Connect (oidc provider)
Now if you see there is a User section as well under Identity Platform
So I have added some random users which are non gmail users (refer image), like xyz#abc.com, which I want to authenticate with the help of Google Cloud (it when this user comes to login, I will hit API endpoint /login and in login server side code, I will redirect to Google Cloud to Authenticate this user using OIDC Authorization flow)
I need Java code to :
Using some java code, First choose the provider as OIDC provider (oidc-auth-provider).
Make call to Google Cloud which should use this Provider (oidc-auth-provider)
This oidc-auth-provider should look up the users which I have created under Users section (refer image)
Google Cloud after verifying user exist, should send back with Auth Code
using Auth Code I will call back to Google and get ID token/JWT token
I was referring to this link :
https://cloud.google.com/identity-platform/docs/web/oidc
If you search "Signing in users with OAuth" this section on page, that is what exactly I am looking for, but the problem is it has given a UI code example using Firebase API example, to create OAuthProvider instance (which will choose provider), but I need server side code example instead, I am not sure if I can use this Firebase API on server side java code for a web application? Any suggestion that how can I do similar things from a server side Java code?
added Providers under Identity-platform
Added users manually which I wanted to authenticate
I'm using Zapier and try to create a new User in Google.
The documentation is pretty unclear.
This is the request I'm making:
Now I understand, that I need to add authorization to the request.
How do I authorize the request? I created an API Token in the Google Cloud but this doesn't work as a GET parameter.
Is the Request right? Do I have to change something?
Thank you for your help.
Posting DalmTo's comment for visibility.
This appears to be using the Directory Admin API for Workspace accounts. You can consult the Admin SDK: Directory API docs for this.
As it's creating Google Workspace users, you may want to try using a service account authorization.
For an example of an API request, selecting the necessary endpoint and method, e.g. asps.get, and use the API Explorer to test your requests.
I am totally new to GCP products. I am trying to create and manage the resources i.e. Virtual Machines using the REST API's provided in the documentation. One of the endpoints which I am trying is
GET https://compute.googleapis.com/compute/v1/projects/{project}/zones/{zone}/instances?key={API_KEY}
Though to make authorized calls to the platform I need to configure the OAuth 2.0 authentication for which I created the relevant service account. I am not sure how to further use it to authorize the requests. Any leads on this would be greatly helpful. Thanks!
Edit:
I intend to call the REST APIs from Python. Not sure if that's the right way.
I was finally able to authorize the API calls to GCP by creating JWT, serializing it to UTF-8 representation (UTF-8 is important), signing it using the google client library google.auth and finally making a request to https://oauth2.googleapis.com/token having passed POST parameters grant_type = urn:ietf:params:oauth:grant-type:jwt-bearer and assertion whose value is the signed jwt for the token using the signed JWT token.
Reference: https://developers.google.com/identity/protocols/oauth2
I have api_key for my project on google cloud and I am able to generate authorization code via client_id and subsequently auth token using authorization code.
What is the rest api code to retrieve tenant information ? Can anyone please put a curl command for that.
Have a look at the documentation about how to get tenants list using API; even more - yoo can test it yourself using the pane on the right.
Another piece of documentation you might be interested in to help you understand how this particular API works and what kind of reply you might expect.
More genral explanation of how to construct API's requests you can find here.
I've created a simple API and I'm trying to publish it using WSO2's API Publisher (aka API Cloud). I've gone through all the steps, but it seems to require an Authorization header to access my endpoint. In older documentation, it says that I can change the "Auth Type" at the resource level.
https://docs.wso2.com/display/AM160/API+Resources
However, this option doesn't seem to be there in the current version. I tried to make it so the Authorization header was not required. Unfortunately, I still get the following error:
<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
<ams:code>900902</ams:code>
<ams:message>Missing Credentials</ams:message>
<ams:description>Required OAuth credentials not provided</ams:description>
</ams:fault>
Is it possible to disable authentication for my API? I don't need it at this point in my project.
The document you have referred is from APIM 1.6. From APIM 1.7, the APIM team changed the API creation process to a 3-step process. It involves API Design, Implement and Manage. I think you have experienced this by now. In the Manage section, at the very bottom, it lists down the available resources of the API, their auth type, allowed tier and the scope allowed.
Default auth type is application & application user. If you click on that, you will get a drop down where you will see "None" as an option. If you set the auth type as none, you will be able to invoke the API without providing the OAuth token.
See the following screenshot where I have selected different Auth types when creating an API.
Open the configuration related to your API in ${AM_HOME}/repository/deployment/server/synapse-configs/default/api/ and remove the following part.
<handler class="org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler"/>