How to register Google OAuth Application (Get ClientID and ClientSecret)

Introduction

In our previous article we understood little bit about OAuth 2.0 Protocol. We talked how to use Default App for ease of use. However In this post you will learn how to register Google OAuth Application so you can access various Google Services programmatically (e.g Youtube, Google Analytics, AdWords, DoubleClick etc.). Here is the link to find all services: Google API Services (Using OAuth 2.0)

Recently google started supporting OAuth 2.0 Protocol. There are many articles written explaining OAuth 2.0 protocol so we are not going to cover that in this article.

Following SSIS Connectors support OAuth Connectivity. When you use below connectors no coding required to pull data from OAuth enabled services.

Step-By-Step: How to register Google OAuth Application

Now lets look at step-by-step instructions.

  1. Registering OAuth App in Google first requires you to create API Project. API Project is a container which can host many OAuth Apps or other API Keys. To create API Project Visit https://console.developers.google.com/project
    If you already have existing API Project then once you click above link you can pick desired API Project from dropdown (Found in the top bar). If you using existing API Project then you may skip next few steps and directly move to step which explains [how to create OAuth ClientId].
  2. To create new project Click on “Create Project” button
    Create New Google API Project (register Google OAuth Application)

    Create New Google API Project (register Google OAuth Application)

  3. Now give some name for your project and click Create
    Create new Google Api Project for OAuth App (Set project name)

    Create new Google Api Project for OAuth App (Set project name)

  4. Once you click Create it will take few seconds to create project for you.
  5. Once project is created it will redirect you to the API Home page where you will see many common Google API you can use. If you do not see that you can always click below option to enable API manually.
    Enable Google APIs / Services

    Enable Google APIs / Services

  6. By default few APIs will be already enabled for your project. Search for API you wish to enable. For example type word “Youtube” if you like to enable YouTube related APIs, type word “Drive” if you like to call Google Drive / Sheet API, type “Analytics” if you calling Google Analytics API.Click on the desired search result and it will navigate to Enable API page. Click Enable.
    Enable Google API for OAuth Application Access (register Google OAuth Application)

    Search Google API for OAuth Application Access

     

    Enable Google API for OAuth Application Access (register Google OAuth Application)

    Enable Google API for OAuth Application Access

     

  7. Now click on the credentials tab and click OAuth consent screen. Fill out necessary information which will be visible to user (Such as App Name, email etc). Once this is done you can click save and it will take you to the Create Credentials screen.
    Google OAuth API - Create OAuth App - Set Application Name on Consent Screen

    Google OAuth API – Create OAuth App – Set Application Name on Consent Screen

  8. Click on [Create credentials] button and select OAuth Client Id option.
    Create OAuth Client ID Credentials for Google API access

    Create OAuth Client ID Credentials for Google API access

  9. Next you will be asked to select Application Type. Pick “Other” if your Application is Desktop style application. If your app is web site or running browser then pick Web Application. Click on Create and you will see your ClientID and ClientSecret which you can use during OAuth Authentication. Keep these both information secret. This is used to call OAuth Approval Screen by your Desktop App or Web App… and then user can obtain Token which can be used to call desired Google API.
    Register/Create Google OAuth App - For Desktop Style App, Web Application or other (register Google OAuth Application)

    Register/Create Google OAuth App – For Installed Desktop Style App, Web Application or other

    Generate ClientID and Client Secret for Google OAuth Application (register Google OAuth Application)

    Generate ClientID and Client Secret for Google OAuth Application

Using OAuth Client ID and Client Secret to get AccessToken and RefreshToken

You can use generated ClientID and ClientSecret to initiate OAuth Authorization process. We are not going to cover how that works but below is simple screenshot how these two piece of information is used to call Consent screen with some desired permission requested by calling Application:

Google OAuth Application: Generating Access and Refresh tokens using SSIS and OAuth Connection Manager.

Using System Default Browser to get the token

If embedded browser has some issue to extract your token then you can close the window by pressing [X] in the title bar. Once you do that you will be prompted to use System Default browser to finish the token extraction. If you click Yes then Full browser will be launched.

NOTE: Below feature is added in version published after Dec 31, 2019 (v3.0.0.11231 or later) so make sure you have latest version.

Using System Default Browser to extract OAuth Token

Using System Default Browser to extract OAuth Token

Untrusted App Warning

Sometimes Google might show you below warning. In order to continue the flow you might have to Click on Advanced and then click Go to YourAppName (unsafe) like below

How to ignore Google Unsafe App Warning (OAuth Flow)

How to ignore Google Unsafe App Warning (OAuth Flow)

Select the account

Using System Browser

Using System Browser

Copy code and finish the flow

Manually Copy Code and Get OAuth Refresh / Access Token

Manually Copy Code and Get OAuth Refresh / Access Token

 

What is Google OAuth AccessToken

AccessToken is short lived token which you can pass along with each API Service call. once this token is expired you can get new AccessToken as long as you have obtained and saved RefreshToken (Returned to caller after very first time user go through Approval process on Consent screen). If you are using ZappySys OAuth connection manager

What is Google OAuth RefreshToken

May OAuth services support short lived token which expires after few minutes or hours. Google API by default expires token after 3600 seconds … So how to get new token ? Do you always go through that annoying Consent screen… what if your application is Automated Service? Well OAuth has solution for that too… its called RefreshToken.

First time to setup OAuth connection user have to go through Approval screen  (i.e. Consent screen) once they click Approve button they may receive two types of token (AccessToken and RefreshToken).  RefreshToken is used only when you need to get new AccessToken without going through Consent screen. So technically if OAuth supports RefreshToken (This is optional) then you can Save this piece of information in database somewhere and when you get token_expired error or you detect expiration time you can get new AccessToken without involving user consent (because you already did once).

Conclusion

Hope this article helped you to understand how to register Google OAuth Application. Download SSIS PowerPack to try various OAuth data integration scenarios using drag and drop high performance connectors. With SSIS PowerPack OAuth support you can virtually pull data from any API service (XML REST API or JSON REST API). Such as Facbook, Twitter, SurveyMonkey, LinkedIn and many more.

Posted in Google API and tagged , , , , , , , .