API Connector Google Calendar

Hi,

I’m having trouble getting certain parts of the Google API to work (I think mostly because I’m having some trouble rapping my head around exactly how to use the API Connector).

Thanks to another thread on here, I’ve gotten the oauth working and received an access_token and refresh_token (along with the expiration time).

In my app, I need to display the email address of the user’s calendar. As far as I can tell, the Calendar API doesn’t have a call for this, but Gmail does and Google Plus does, so I’ve used the Gmail one as you can see here:

The Bearer has my API Key in it (I’m not sure if that’s what should be there)

When I initialize it, I get this:

Can anyone help me figure out what I’m doing wrong? (been wrestling with this for more than 10 hours…)

thank you!

Jeff

I think it’s just that your access token has expired.
When working with google the first thing you should do is add the google refresh access token call so you can make sure you keep it up to date while you’ll are building your other api calls. I believe the Google Access tokens only last about an hour or two

The access token should go in the Authorization header:

Authorization: Bearer [access-token]

Not the API key. The token is unique to each authorized user. The API key is unique to your application.

Also, I assume your Calendar integration is Self-Handled, so that each call (refresh, access token, etc.) submit their own headers? If you’re using the OAuth2 authorization method (and not self-handled), then that’s already applying an Authorization header for you.


Gaby | Coaching Bubble
Private coaching, courses, and tons of free resources

Thank you both for the replies.

@ryley.randall I’m attempting this process (to get the email) immediately after doing the oauth process (on a page i called catch_token), so I don’t think it would need the refresh_token at that moment…?

@romanmg That’s what I figured, but I’m unclear how to do this (in terms of using the access_token instead of the API Key - but I attempted something, described in the next paragraph, which didn’t work) - and yes, i have it set up according to how it is shown in this thread with oauth2 (Google Calendar API use case - #7 by mebeingken).

So I just tried to use the access_token in the call instead - I wiped my database (i deleted the access_token and refresh_token) and then removed my app from this page https://myaccount.google.com/permissions

Then I performed my initial workflow to get the access_token and quickly took that access_token generated and put it after the Bearer, which looked like this:

When I initiate the call now, it gives this response:

It looks like it’s giving me the “plus.login” text, rather than the actual email that (I’m guessing) should be contained in it…

Based on that response I’m getting, I also tried changing the Data type at the top right (see below) to “text” - when I Initialize the call, nothing happens (it says “Connecting” as the text of the button, for about 1/4 of a second and then goes back to Initialize Call - with no pop-up response after).

Any ideas?

thanks again

The GET url from your original post is different from your latest screenshot… What task are you trying to perform now?

@mebeingken oh, sorry, you’re absolutely correct. I had tried 2 different API calls, one with Gmail and the other with Google Plus.

I’ve redone the access_token using the Gmail link from my initial screenshot (below)

And here is the response I’m getting:

It looks like something to do with permissions… any ideas?

(and thanks for your initial post on this - it was very helpful - wish you had actually done a few other examples too, to see how to use a variety of other kinds of API calls!)

I believe the permissions error is telling you that the request you are making was not approved for the token you are providing… When you request the access token, make sure the scopes (permissions) you need are included in the request.

@mebeingken Ok, i think I get what you mean, but not exactly sure how to set the scope, especially for multiple permissions…

So if this is my access_token api call:

Then I looked through here Alcances de OAuth 2.0 para las APIs de Google  |  Authorization  |  Google for Developers

And I think that the scopes listed there that I want are:
https://www.googleapis.com/auth/calendar
https://www.googleapis.com/auth/userinfo.email

Do I add a parameter with Key as “scope” and the URL as the Value?
Is there a way for me to add 2 scopes?

Thanks in advance!

The parameter scope gets added to the initial request. I believe for multiple values you separate with a comma.

Here is a sample url which I normally call with an external url action, not an api call:

https://accounts.google.com/o/oauth2/v2/auth?access_type=offline&response_type=code&scope=https://www.googleapis.com/auth/contacts&client_id=MY_CLIENT_ID&redirect_uri=https://app.mydomain.com/version-test/catch_token

@mebeingken Ah, i see what you mean. In your initial post, you had put that:
https://accounts.google.com/o/oauth2/v2/auth?access_type=offline&response_type=code&scope=https://www.googleapis.com/auth/contacts&client_id=MY_CLIENT_ID&redirect_uri=https://app.mydomain.com/version-test/temp_catch_token

So if I want to include those 2 scopes I put, would it be:
https://accounts.google.com/o/oauth2/v2/auth?access_type=offline&response_type=code&scope=https://www.googleapis.com/auth/calendar,https://www.googleapis.com/auth/userinfo.email&client_id=MY_CLIENT_ID&redirect_uri=https://app.mydomain.com/version-test/temp_catch_token

?

It seems not… I get this error:

Try using a space… But you might then also have to url encode the string using the formatted as modifier. If that is a challenge then use %20 to represent the space, leaving no white space between the two scopes.

@mebeingken Since I don’t know how to encode the URL, i tried just using the %20 to represent the space. It sort of worked…

It didn’t give an error page, however the google “permissions” page only mentioned the Calendar permissions. And then when I try to do the API call to get the email (from https://www.googleapis.com/gmail/v1/users/userId/profile), it gives this permissions error:

Note that I tried 2 different combinations:

  1. Putting the Calendar scope first, like this:
    https://www.googleapis.com/auth/calendar%20https://www.googleapis.com/auth/userinfo.email
    and also
  2. The other one first:
    https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/calendar

Ideas?

Did you revoke the permission in your google settings? I haven’t ever added a scope after the initial grant, so can’t help there–i always just revoke and re do during testing

This might help…I haven’t tested yet but it should allow incremental permissions if added to the auth request…

include_granted_scopes

Optional. Enables applications to use incremental authorization to request access to additional scopes in context. If you set this parameter’s value to true and the authorization request is granted, then the new access token will also cover any scopes to which the user previously granted the application access. See the incremental authorization section for examples.

If by revoke the permission, you mean did I remove them all from here:
https://myaccount.google.com/permissions

Then yes…

The incremental authorization seems to be a little more complicated, and if possible (which I’ve seen apps do before), I’d ideally like to get all permissions in 1 shot…

Is it possible that my API call is wrong?

For reference, here are the permissions that get added:

and this

Here is the scope I included in the url:
https://www.googleapis.com/auth/userinfo.email

And here is my GET API Call:

It looks like your scopes are getting set correctly, but you probably haven’t chosen the proper scopes to set.

Here is the list for gmail.

https://developers.google.com/gmail/api/auth/scopes

My recommendation is to only ask for that which you really need as it makes the app verification process go smoothly.

GOT IT!

Thanks for the help :slight_smile:

I did a little differently, since I couldn’t find a field in the Gmail scope that mentioned the user’s email. I’ll put below for anyone that may be similarly having issues.

So I set both scopes as mentioned above, with the %20 in place of the space, and I deleted the permission entries in https://myaccount.google.com/permissions

Then after getting my access_token, I used it in the Header for the Google Plus API Call below, which I was able to access because of the scope that i used https://www.googleapis.com/auth/userinfo.email

The API call worked and returned this:

Then, I added it into my workflow (the last field, email), and I got the first value, since that Google Plus variable returns a list of emails.

Then I again removed that token entry and the permissions and I tried to initiate the full authentication process, and I got the email.

Thanks for the help @mebeingken!

1 Like