My Business
4.3K members online now
4.3K members online now
For developers who are using the Google My Business API to manage locations
Guide Me
star_border
Reply

Project credentials verses oauth credentials

[ Edited ]
Follower ✭ ☆ ☆
# 1
Follower ✭ ☆ ☆

This is a big picture question:

When you make an API request, I believe you need to communicate two things:

 

1) Your project credentials (something that indicates you're approved to use the GMB API)

2) The credentials for the account that authorized you some permissions to look and or alter your information.

 

How are these communicated with your requests? 

 

I've looked through the REST API and reading those docs it seems like once you've preformed oauth, you just make the calls.

 

Thanks for any assistance- 

 

 

1 Expert replyverified_user

Re: Project credentials verses oauth credentials

Google Employee
# 2
Google Employee

Hi @Brad E,

 

Yes, information for both 1) and 2) are contained in an access token that you make API calls using. Please read through the Prerequisites for using the Google My Business API. Please also read through the Using OAuth 2.0 to Access Google APIs page to understand the basic OAuth 2.0 concepts.

 

When you use an OAuth 2.0 client ID to obtain an access token for authentication via the Google My Business API, you should be logging in with your specific Google Account. After logging in, the user is asked whether they are willing to grant the permissions that your application is requesting. This process is called user consent. If the user grants the permission, the Google Authorization Server sends your application an access token. When this token is provided and you are making API calls, you will be able to view and manage all the existing locations within that specific account. In addition, when using the OAuth 2.0 client ID for authorization, you should store the refresh token for future use and use the access token to access the API. Once the access token expires, the application should use the refresh token to obtain a new one. This way, your application will always be able to request a new access token when necessary. This process requires a user to manually authorize the application only once.

 

When you are ready to start making RESTful API calls, please follow the Make a simple HTTP request step on the Get Started page of our developers website to learn how to use the OAuth 2.0 Playground to experiment with the Google My Business API.

 

Thanks,

Terry