Reputation: 25
Can't authenticate in Google Blogger API v3.0 via OAuth 2 access token
Trying to use Google Blogger API v3.0
Have a test blog set up - https://msi-blogger-api-test.blogspot.com/
Blogger User ID is - 11970463155418365784 As appears in - https://www.blogger.com/profile/11970463155418365784
Have both "API key" and "OAuth 2.0 token" set up for this project -
In the Blogger sand box it works perfectly -
Copied the cURL from the Blogger sand box.
Copied "API key" and "OAuth 2.0 token" from console.cloud.google.com (screenshot above) via the "copy" button (as highlighted in the screenshot).
Trying from CLI via cURL, works when using the "API key" alone -
Trying from CLI via cURL, DOES NOT work when using the "API key" and "OAuth 2.0 token" -
Tried to use the "OAuth 2.0 token" in both these ways:
- 1008747252329-g8j8...ebb.apps.googleusercontent.com
- 1008747252329-g8j8...ebb
Thought maybe the ".apps.googleusercontent.com" suffix is not rquired.
This did not make any difference.
So, what am I missing? Why does the "API key" works but "OAuth 2.0 token" does not?
Yes, I do not need to use the "OAuth 2.0 token" for the cURL in this (API "get") example, but it should still work.
When I'm trying a different API, say "listByUser", that requires the "OAuth 2.0 token" - it does not work and I get the same error.
Upvotes: 0
Views: 1271
Answers (1)
Reputation: 116996
So, what am I missing? Why does the "API key" works but "OAuth 2.0 token" does not?
To directly answer your question. API key only works with public data, Your not sending a valid access token as the OAuth 2 bearer token, the value you are sending is wrong.
Api Key
First off an API key will only give you access to public data, so you could for example use an API key to list public videos on YouTube, or look at one of the public holiday calendars on Google Calendar. You can not use an API key to access private user data
To access private user data or any method that requires authorization you need to supply a authorization header and submit a valid bearer token.
"OAuth 2.0 token"
Your issue is that you are not submitting a valid access token. it looks like you may be trying to send the client id from your project on Google cloud console. This is not an access token.
How to get an access token with curl.
How to get an access token with CURL is a three step process the first step being requesting authorization of the user who owns the data
This is a HTTP get call and can be placed in any browser window.
GET https://accounts.google.com/o/oauth2/v2/auth?client_id=XXXX.apps.googleusercontent.com&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=https://www.googleapis.com/auth/userinfo.profile&response_type=code
I have a tutorial How to get a Google access token with CURL. and a Video
Upvotes: 2
Related Questions
- Several error working with blogger/google API using python and service account auth
- Blogger API v3.0 - Working with users (OAuth 2.0)
- How to use OAuth 2.0 credentials with blogger api v3 (python requests)
- Error creating Blogger API end point using Google API Client defaut credentails
- Authenticate own Google account for Blogger API with Java
- Blogger google api get userid
- Google Api returns "The API (Blogger API) is not enabled for your project." even though I've enabled Blogger API in console
- How to specify access token in Blogger Google API to insert a post?
- Google Blogger API : AccessTokenRefreshError:invalid_grand message
- Problems with Google's OAuth