I have got the access tokens from Google+ and Facebook. Facebook integration is successful and it returns the cognitoId when the param is defined as follows:
Logins:{
'graph.facebook.com':token
}
But 500 error is given when I use:
Logins:{
'accounts.google.com':token //access_token received from google
}
Can anybody help?
You must use the id_token from google, not the access_token. You can ready more about how to integrate with google in the Amazon Cognito developer guide.
Related
I am working on a web app that has "Sign in with Google" and "Login with Facebook" buttons. After user successfully signs into the app backed by Firebase, I want to be able to make API calls to their Google and Facebook data. Example is fetch their photos from Google Photos or Facebook.
Normally this is easy to do when you use Google Auth APIs on web and on signing in, you get Auth Code that you can pass to your server and server exchanges that one-time-use code for Access Token and Refresh Token and store them on server side for any future API calls. Here is a link to tutorial for this approach - https://developers.google.com/identity/sign-in/web/server-side-flow
With Firebase being my backend and with FirebaseUI authenticating users to my web app, how can I get the code that I can pass to Firebase Function which can then exchange it for Access Token and Refresh Token and save it into Firestore for further API calls.
You can use the signInSuccessWithAuthResult callback from firebaseUI: https://github.com/firebase/firebaseui-web#signinsuccesswithauthresultauthresult-redirecturl
It will expose the userCredential object. For OAuth providers like google and facebook, you can access the OAuthCredetial using userCredential.credential. The reference for this interface is here: https://firebase.google.com/docs/reference/js/firebase.auth.OAuthCredential
I'm developing a 'CMS' for use in clients websites and I would like to include a few analytics views. I have searched and I found some things like this one in google analytics demos and tools (https://ga-dev-tools.appspot.com/embed-api/third-party-visualizations/), but it needs you to be logged with the analytics google account to show them.
I have seen Worpdress plugins that shows analytics in the dashboard and you only have to authorize them once and not to be logged in google. ¿How is this done?
I need to show client analytics in the dashboard of the CMS, but I don't want to ask for login everytime or request to be logged in their google accounts.
Thanks to anyone who can help.
The Google Analytics embedded API is built using JavaScript. JavaScript is client sided and there for an implicit login. Implicit logins do not contain a refresh token so when ever the access token expires normally after an hour you will need to login again.
Your Word press plugin assuming its the one i think it is. Uses php and is there for server sided and uses a hybrid login which probably requested offline access from you when you authenticated it first time. Offline access gives you a refresh token which can then be used to request a new access token when ever the plugin needs to access Google Analytics.
Assuming that your client only wants to see their own data they should be using a service account. Service accounts are preauthorized and will there for not require that you authenticate them again. Service accounts only work with server sided languages like php you can not use service account authentication with JavaScript.
auth0 version: 9.3.3
I'm developing a chrome extension that uses Google Identity API. When my extension is loaded when the user is already authorized by Google, so it seams like an overhead to show the authentication popup again by the:
Auth0Js.authorize({connection:'google-auth2'})
I already have the google access_token by:
chrome.identity.getAuthToken({}, function (access_token) {...})
that looks like:
ya29.GmCGBfZPOwM725oSok08AdMLQGHYNr50Ax9TAQVoHGjEkAS1gdv-R_1H_LBd6Fe9YgEjWm8eejTYk5IyCWGrdDn6P1R8ahRQW768_SDf7nD8Yq0kj2VXoBZVNYyiIDWtFP0
but I still need the auth0 token. Is there a way to silently exchange a google access_token into an auth0 access_token?
The solution is found:
https://auth0.com/docs/connections/calling-an-external-idp-api
The original google access_token can be obtained by the Auth0 Management API.
The steps to follow are:
Get an Access Token that allows you to call the Auth0 Management API.
Call the Auth0 Management API's Get Users by ID endpoint, using the Access Token obtained in step one. This endpoint returns the full user's profile, which contains the IdP Access Token.
Extract the IdP Access Token from the response and use it to call the IdP's API.
I have checked answer how to get user info via Google API, but it does not help to resolve the issue because of API was changed and some links are incorrect.
Google uses oauth2, so to load any user info via js we need follow next steps:
invite user to authorize in google service to get his personal oauth token;
get users token from google service answer;
make request to load users info (request should be subscribed his personal token).
Am I correct with this steps?
In google guide they wrote to authorize user should be used next API https://accounts.google.com/o/oauth2/v2/auth. If I login myself I can see request sends to https://accounts.google.com/signin/challenge/sl/password
Can I have a curl example how to get users oauth token (to use it in next requests to load users data)?
I am using YouTubeAPI in Javascript with OAuth2.
I created a new project in google developers console,
I enabled YouTube Data API v3,
I set my OAuth Consent : link
I created a OAuth 2.0 client : link2
When I am using javascript to use this API (accordingly with youtube api-samples), I have this response :
That’s an error.
Error: invalid_client
Application: TESTAPPLICATION
You can email the developer of this application at: myemail#myemail.com
no registered origin
Is it comming from something i missed in my code or did i make a bad configuration in google developers console ?