Solved, thanks to this post. You have to share the calendar from your Google Calendar account with the Service Account email that is generated in the Google API Console, e.g. [email protected] I can now update my calendar from my web service.
OAuth Client Verification Starting July 18, 2017, Google OAuth clients that request certain sensitive OAuth scopes will be subject to review by Google. OAuth Client Verification Starting July 18, 2017, Google OAuth clients that request certain sensitive OAuth scopes will be subject to review by Google. Review is not required if you are only using … Read more
An alternative to editing a hosts file is to use the “Magic DNS” service http://xip.io/ or http://nip.io/ (see edit) xip.io is a magic domain name that provides wildcard DNS for any IP address.Say your LAN IP address is 10.0.0.1. Using xip.io, 10.0.0.1.xip.io resolves to 10.0.0.1 www.10.0.0.1.xip.io resolves to 10.0.0.1 mysite.10.0.0.1.xip.io resolves to 10.0.0.1 foo.bar.10.0.0.1.xip.io resolves … Read more
Yes, OpenID Connect supports all OAuth 2.0 grant types including Resource Owner Password Credentials Grant and Client Credentials Grant. As we know, Authorization Code Grant and Implicit Grant are typical 3-legged flows including interaction between a client, an authorization server and a user. While the Resource Owner Password Credential Grant and Client Credential Grant are … Read more
Seems like best thing to do is to just always have userId=”me” in your requests. That tells the API to just use the authenticated user’s mailbox–no need to rely on email addresses.
Postman will query Google API impersonating a Web Application Generate an OAuth 2.0 token: Ensure that the Google APIs are enabled Create an OAuth 2.0 client ID Go to Google Console -> API -> OAuth consent screen Add getpostman.com to the Authorized domains. Click Save. Go to Google Console -> API -> Credentials Click ‘Create … Read more
How OAuth 2.0 works in real life: I was driving by Olaf’s bakery on my way to work when I saw the most delicious donut in the window — I mean, the thing was dripping chocolatey goodness. So I went inside and demanded “I must have that donut!”. He said “sure that will be $30.” … Read more
The current way to authenticate a user through their Google account is to use Google Sign-In for Assistant. Once they log in to your Action, you’ll get an id token which you can decode to get their Google ID, which you can use to look up their account in your datastore to get their access/refresh … Read more
In general the easiest answer would be to say that you cannot revoke a JWT token, but that’s simply not true. The honest answer is that the cost of supporting JWT revocation is sufficiently big for not being worth most of the times or plainly reconsider an alternative to JWT. Having said that, in some … Read more