I’m having trouble getting certain parts of the Google API to work (I think mostly because I’m having some trouble rapping my head around exactly how to use the API Connector).
Thanks to another thread on here, I’ve gotten the oauth working and received an access_token and refresh_token (along with the expiration time).
In my app, I need to display the email address of the user’s calendar. As far as I can tell, the Calendar API doesn’t have a call for this, but Gmail does and Google Plus does, so I’ve used the Gmail one as you can see here:
I think it’s just that your access token has expired.
When working with google the first thing you should do is add the google refresh access token call so you can make sure you keep it up to date while you’ll are building your other api calls. I believe the Google Access tokens only last about an hour or two
The access token should go in the Authorization header:
Authorization: Bearer [access-token]
Not the API key. The token is unique to each authorized user. The API key is unique to your application.
Also, I assume your Calendar integration is Self-Handled, so that each call (refresh, access token, etc.) submit their own headers? If you’re using the OAuth2 authorization method (and not self-handled), then that’s already applying an Authorization header for you.
@ryley.randall I’m attempting this process (to get the email) immediately after doing the oauth process (on a page i called catch_token), so I don’t think it would need the refresh_token at that moment…?
@romanmg That’s what I figured, but I’m unclear how to do this (in terms of using the access_token instead of the API Key - but I attempted something, described in the next paragraph, which didn’t work) - and yes, i have it set up according to how it is shown in this thread with oauth2 (Google Calendar API use case - #7 by mebeingken).
So I just tried to use the access_token in the call instead - I wiped my database (i deleted the access_token and refresh_token) and then removed my app from this page https://myaccount.google.com/permissions
Then I performed my initial workflow to get the access_token and quickly took that access_token generated and put it after the Bearer, which looked like this:
It looks like it’s giving me the “plus.login” text, rather than the actual email that (I’m guessing) should be contained in it…
Based on that response I’m getting, I also tried changing the Data type at the top right (see below) to “text” - when I Initialize the call, nothing happens (it says “Connecting” as the text of the button, for about 1/4 of a second and then goes back to Initialize Call - with no pop-up response after).
It looks like something to do with permissions… any ideas?
(and thanks for your initial post on this - it was very helpful - wish you had actually done a few other examples too, to see how to use a variety of other kinds of API calls!)
I believe the permissions error is telling you that the request you are making was not approved for the token you are providing… When you request the access token, make sure the scopes (permissions) you need are included in the request.
Try using a space… But you might then also have to url encode the string using the formatted as modifier. If that is a challenge then use %20 to represent the space, leaving no white space between the two scopes.
@mebeingken Since I don’t know how to encode the URL, i tried just using the %20 to represent the space. It sort of worked…
It didn’t give an error page, however the google “permissions” page only mentioned the Calendar permissions. And then when I try to do the API call to get the email (from https://www.googleapis.com/gmail/v1/users/userId/profile), it gives this permissions error:
Did you revoke the permission in your google settings? I haven’t ever added a scope after the initial grant, so can’t help there–i always just revoke and re do during testing
This might help…I haven’t tested yet but it should allow incremental permissions if added to the auth request…
include_granted_scopes
Optional. Enables applications to use incremental authorization to request access to additional scopes in context. If you set this parameter’s value to true and the authorization request is granted, then the new access token will also cover any scopes to which the user previously granted the application access. See the incremental authorization section for examples.
The incremental authorization seems to be a little more complicated, and if possible (which I’ve seen apps do before), I’d ideally like to get all permissions in 1 shot…
Is it possible that my API call is wrong?
For reference, here are the permissions that get added:
I did a little differently, since I couldn’t find a field in the Gmail scope that mentioned the user’s email. I’ll put below for anyone that may be similarly having issues.
Then after getting my access_token, I used it in the Header for the Google Plus API Call below, which I was able to access because of the scope that i used https://www.googleapis.com/auth/userinfo.email