I'm trying to use the Google People API to get the authenticated user's phone number that is associated with their Google account by using the people.get method and the resource name of person/me.
I tried this out on both a web application using the scopes profile https://www.googleapis.com/auth/user.phonenumbers.read, as well as with the API Explorer. In both cases, I only see the authenticated user's phone number if it happens to be listed in their Google+ profile account.
As described here, a user's Google account is one of the sources of data that the Google People API retrieves from. Can the API include account phone numbers as part of the information returned for person/me?
Most likely you are running into https://issuetracker.google.com/issues/78151501.
Related
I'm trying to build a prototype which collects and analyses comments from Instagram. This can seemingly only be done with the Instagram Graph API. So to prototype and test I need:
A business IG account connected to a Facebook account (the account to access and read the comments of)
A Facebook App configured to access IG accounts (the account/app which gets authenticated to access the IG account)
However, this App needs to go through a verification process for each of the permissions required. The process apparently takes up to 5 days and needs a Privacy Policy on a website (neither of which I have yet).
This is a lot to do considering it is just a prototype/PoC to establish feasability and get better acquainted with using/testing the API and data.
Does anyone with experience working with the Instagram Graph API know whether I am over-thinking or misread what is required here? Or do you have to go through this before being able to access IG account comments?
I use google Ouath2.0 with passport.js in my Next.js/Node.js web-app. Registering and logging in works as expected. However, anyone with a google account is able to register, regardless of being in the test users list. The app is unpublished, and so only test users registered by me in the Oauth Consent screen should be able to register and login.
Does anyone know how to fix this? As far as I have understood it, login when not registered as a test user should simply fail. I have seen this asked elsewhere with no answers, and I am not able to contact google as that requires a paid support level.
I had a quick look at this and observed the same (incorrect) behavior; I too was unable to restrict authenticated users to the list of test users:
Created Apps Script Web app (for a quick win)
Associated a Cloud Platform project with it
Enabled Gmail API in the project and added one of its "restricted" scopes
Added one Google account to test users
I was able to login using the test user and any other Gmail account regardless of whether I included a Gmail restricted scope.
One thing I observed but am unable to explain is that I was not presented with the app's (project's) OAuth Consent Screen. Each time I logged in (incognito), I was prompted by the standard Google login screen only. I expected to be prompted by the OAuth Consent Screen before accessing the app. This likely explains why identities aren't being limited to the test users but I'm unsure why I'm not seeing the consent screen.
Even without Google paid support, you may file issues like this using Google's public issue tracker and these will be seen by Google Engineering.
I recommend you file under "Cloud Platform > Security & Identity" and let someone within Google triage:
https://issuetracker.google.com/issues/new?component=187167&template=1162765
I have some previous experience with the youtube and youtube analytics api where there was an option to use https://developers.google.com/oauthplayground/ to essentially create an offline situation for your own user account api access. By creating the key in the developer console you could add that to a custom oAuth credentials. The user account you were logged into would then generate the access token and refresh token needed. I do not see Google Photos API listed as an option here. I would prefer not to create a website just to get a prompt once (myself).
Any help would be greatly appreciated.
If you are specifically after a token to make your own requests to the API, you can still use the OAuth 2.0 playground. You can enter your own scope in the tool under step 1, just below the list of scopes on the left side. (The text box is labelled "Input your own scopes".)
Here you can manually enter a scope that's listed on the "Authentication and authorization scopes" page in the Google Photos Library API developer documentation.
In step 2, you can access a refresh and access tokens and construct your own request in step 3. Note that you won't be able to List possible operations for this API.
Note that you can also specify your own OAuth client ID and client secret from your own Google developers project. You can find this under the "settings" icon on the right, under "Use your own OAuth credentials". Otherwise, tokens are automatically revoked by the playground after a certain amount of time.
However - If you just want to explore the API through the playground, you can use the version that's embedded in the reference documentation. You can find it on each page for a method, for example mediaItems.list. This version includes support for all API methods and makes it easy to construct correct API requests.
As described in the marketing API, I have registered an app got my app key and and id, generated a token with ads permissions, list pages permission as well. The app is not yet submitted for approval.
When I try to get the list of ad accountsz linked to 'me' it returns the array of all ad accounts.
But when I select any of the business accounts (other than my personal Facebook account) and try to retrieve the ads insights API throws exception saying:
but when I try to get the insights, using the python SDK, I get the same error, ex: (#273) This Ads API call requires the user to be admin of the ad account. User is not admin on ad account .
What is surprising is when I use the similar sample page from Facebook-Developers to get insights, it is able to retrieve the ads data for the same account, with my own login itself.
Why would my app be unable to do so?
Is there any such limitation for apps not reviewed?
Update: I seem to have admin access to the ad account as well. Here are some screenshots. (Unless its my dumb day I think something else is going on, but its my fist time with an API like this, so I cant be sure!;) )
Screenshots: GraphAPI Explrer with API call, App Settings, AdAccount Settings
Based on the discussion on question and experience I now have:
API user needs to be an admin of the ad account and of the app if you
wish to use the API.
The ad account needs to be specifically added to the app, in app settings. In developer access an app can only have access to a maximum of 5 ad accounts.
Error messages in Facebook API are misleading more often than not. Fix anything marked in yellow or red anywhere in the portal, to be
sure.
Do read about limits of every API before you use it, all API have different limits and your application design needs to take those into account.
As for the question, yes the issue was the text in red, as pointed out by #CBroe, although the error message was off by a mile and issue occurred only when using our own app.
I am pulling list of docs in coldfusion via google docs API. I want users to click on the link and get signed in automatically in google docs, with my username and password. Google should not ask user name and password from them.
I tried out this example http://cfgoogle.riaforge.org/
Till now I am able to pull up list of documents I have on my google docs account.
But I want anyone to click those link and get automatically signed in as me. And able to access my documents. Is it possible?
I would guess that accessing the documents as you is not possible via the end-user's browser. Google will set a cookie on your computer identifying your session. This allows you access to documents, mail, etc. whatever is linked in your account. For them to be able to access the documents using your account, they would have to be logged in as you. You can't do that directly from your application, because you can only write cookies for your domain (oversimplification, but basically....)
There may, however, be a workaround.
One option would be to use the API to automatically share the document with the user. That is, they provide their Google ID (not password) and you share with their account. This is probably what I would try.
Alternately, you could proxy requests for documents, although this opens up a whole 'nother can of worms.