Using Postman to access OAuth 2.0 Google APIs

oauth-2.0 google-api google-api-client postman google-oauth

I am trying to access Proximity Google API using Postman chrome app. I have followed tutorials on postman and google dev website but I'm still getting 401 error message.

What am I doing?

Step 1 - Enable Proximity API:

In order to use Proximity API, it has to be first enabled in Google Dev console. Using this tutorial I have enabled support for Proximity API for my project

Step 2 - Get the credentials:

According to this tutorial, I need to get client ID and secret. This is where I am confused. Credentials->Add credentials->OAuth2.0 client ID->select Chrome App radio button (since I am using Postman)->enter last part of Postman's Chrome Web store URL [which is fhbjgbiflinjbdggehcddcbncdddomop]->hit create button These steps will only generate a client ID, not a secret..am I doing something wrong?

https://i.stack.imgur.com/JG38z.png

I downloaded this but this is of little help if I am using Postman. I am guessing this JSON file is something that can be included in a JS application.

Step 3 - Use Postman to test the API

https://i.stack.imgur.com/cZbst.png

https://i.stack.imgur.com/EPSZR.png

And, once I click on the debug URL, I see the following screen

https://i.stack.imgur.com/VCp0y.png

Kyle Calica-St

Postman will query Google API impersonating a Web Application

Generate an OAuth 2.0 token:

Ensure that the Google APIs are enabled Create an OAuth 2.0 client ID Go to Google Console -> API -> OAuth consent screen Add getpostman.com to the Authorized domains. Click Save. Go to Google Console -> API -> Credentials Click 'Create credentials' -> OAuth client ID -> Web application Name: 'getpostman' Authorized redirect URIs: https://www.getpostman.com/oauth2/callback Copy the generated Client ID and Client secret fields for later use In Postman select Authorization tab and select "OAuth 2.0" type. Click 'Get New Access Token' Fill the GET NEW ACCESS TOKEN form as following Token Name: 'Google OAuth getpostman' Grant Type: 'Authorization Code' Callback URL: https://www.getpostman.com/oauth2/callback Auth URL: https://accounts.google.com/o/oauth2/auth Access Token URL: https://accounts.google.com/o/oauth2/token Client ID: Client ID generated in the step 2 (e.g., '123456789012-abracadabra1234546789blablabla12.apps.googleusercontent.com') Client Secret: Client secret generated in the step 2 (e.g., 'ABRACADABRAus1ZMGHvq9R-L') Scope: see the Google docs for the required OAuth scope (e.g., https://www.googleapis.com/auth/cloud-platform) State: Empty Client Authentication: "Send as Basic Auth header" Click 'Request Token' and 'Use Token' Set the method, parameters, and body of your request according to the Google docs

More thoroughly explained than by Google's employees :)

Impeccable answer. Thank you very much !

I get “This browser or app may not be secure” result

This flow does not work anymore: Google forbids authentication outside of main browsers. Postman team says they're working on "Authorize using browser" feature - github.com/postmanlabs/postman-app-support/issues/7700

Also note that scopes are separated by a regular whitespace in case you need to require multiple scopes. Like https://www.googleapis.com/auth/admin.directory.user https://www.googleapis.com/auth/admin.directory.userschema

Vijay Madhavapeddi

The best way I found so far is to go to the Oauth playground here: https://developers.google.com/oauthplayground/

Select the relevant google api category, and then select the scope inside that category in the UI. Get the authorization code by clicking "authorize API" blue button. Exchange authorization code for token by clicking the blue button. Store the OAuth2 token and use it as shown below.

In the HTTP header for the REST API request, add: "Authorization: Bearer ". Here, Authorization is the key, and "Bearer ". For example: "Authorization: Bearer za29.KluqA3vRtZChWfJDabcdefghijklmnopqrstuvwxyz6nAZ0y6ElzDT3yH3MT5"

This workflow resolved my problem! Just to complement the explanation, after "Exchange authorization code for token" I copied the value at "Access token" field and used it as Authorization Bearer on Postman

Zenahr

The current answer is outdated. Here's the up-to-date flow:

The approach outlined here still works (5th March, 2022) as confirmed by SauerTrout)

We will use the YouTube Data API for our example. Make changes accordingly.

Make sure you have enabled your desired API for your project.

Create the OAuth 2.0 Client

Visit https://console.cloud.google.com/apis/credentials Click on CREATE CREDENTIALS Select OAuth client ID For Application Type choose Web Application Add a name Add following URI for Authorized redirect URIs

https://oauth.pstmn.io/v1/callback

Click Save Click on the OAuth client you just generated In the Topbar click on DOWNLOAD JSON and save the file somewhere on your machine.

We will use the file later to authenticate Postman.

Authorize Postman via OAuth 2.0 Client

In the Auth tab under TYPE choose OAuth 2.0 For values under Configuration Options enter the values found inside the client_secret_[YourClientID].json file we downloaded in step 9 Click on Get New Access Token Make sure your settings are as follows:

Click here to see the settings

(In addition, multiple scope can be as follows, space-delimited: "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile")

Click on Request Token A new browser tab/window will open Once the browser tab opens, login via the appropriate Google account Accept the consent screen Done

Ignore the browser message "Not safe" etc. This will be shown until your app has been screened by Google officials. In this case it will always be shown since Postman is the app.

How does this have no votes two years later. It is the only solution that still works

Updated the post to reflect your confirmation that it still works.

I confirmed that it works now too.

March 5, 2022 works perfectly! EDIT I would only add that for adding comments and other higher-permissions tasks, youtube.force-ssl is an appropriate scope.

The callback URL you add to google console should be oauth.pstmn.io/v1/browser-callback

Daniel Williams

go to https://console.developers.google.com/apis/credentials create web application credentials.

Postman API Access

use these settings with oauth2 in Postman: Auth URL = https://accounts.google.com/o/oauth2/auth Access Token URL = https://accounts.google.com/o/oauth2/token Choose Scope for the HTTP API Generate Token to add Schema use:

SCOPE = https: //www.googleapis.com/auth/admin.directory.userschema

post https: //www.googleapis.com/admin/directory/v1/customer/customer-id/schemas

{
  "fields": [
    {
      "fieldName": "role",
      "fieldType": "STRING",
      "multiValued": true,
      "readAccessType": "ADMINS_AND_SELF"
    }
  ],
  "schemaName": "SAML"
}

to patch user use:

SCOPE = https://www.googleapis.com/auth/admin.directory.user

PATCH https://www.googleapis.com/admin/directory/v1/users/admin@email.com

 {
  "customSchemas": {
     "SAML": {
       "role": [
         {
          "value": "arn:aws:iam::123456789123:role/Admin,arn:aws:iam::123456789123:saml-provider/GoogleApps",
          "customType": "Admin"
         }
       ]
     }
   }
}

Daniel Williams

I figured out that I was not generating Credentials for the right app type. If you're using Postman to test Google oAuth 2 APIs, select Credentials -> Add credentials -> OAuth2.0 client ID -> Web Application.

https://i.stack.imgur.com/J4gPM.png

irmalcol

This is an old question, but it has no chosen answer, and I just solved this problem myself. Here's my solution:

Make sure you are set up to work with your Google API in the first place. See Google's list of prerequisites. I was working with Google My Business, so I also went through it's Get Started process. In the OAuth 2.0 playground, Step 1 requires you to select which API you want to authenticate. Select or input as applicable for your case (in my case for Google My Business, I had to input https://www.googleapis.com/auth/plus.business.manage into the "Input your own scopes" input field). Note: this is the same as what's described in step 6 of the "Make a simple HTTP request" section of the Get Started guide. Assuming successful authentication, you should get an "Access token" returned in the "Step 1's result" step in the OAuth playground. Copy this token to your clipboard. Open Postman and open whichever collection you want as necessary. In Postman, make sure "GET" is selected as the request type, and click on the "Authorization" tab below the request type drop-down. In the Authorization "TYPE" dropdown menu, select "Bearer Token" Paste your previously copied "Access Token" which you copied from the OAuth playground into the "Token" field which displays in Postman. Almost there! To test if things work, put https://mybusiness.googleapis.com/v4/accounts/ into the main URL input bar in Postman and click the send button. You should get a JSON list of accounts back in the response that looks something like the following: { "accounts": [ { "name": "accounts/REDACTED", "accountName": "REDACTED", "type": "PERSONAL", "state": { "status": "UNVERIFIED" } }, { "name": "accounts/REDACTED", "accountName": "REDACTED", "type": "LOCATION_GROUP", "role": "OWNER", "state": { "status": "UNVERIFIED" }, "permissionLevel": "OWNER_LEVEL" } ] }

Cormac Hollingsworth

Google has changed the Access Token URL: https://accounts.google.com/o/oauth2/token. It now needs to be: https://oauth2.googleapis.com/token

Fadils

As an addition to the top answer by @DimaTx, don't forget to put checkmark on the "authorize using browser" tickbox, as explained by team postman themselves in github.com/postmanlabs/postman-app-support/issues/7700

This will prevent/solve the “This browser or app may not be secure” result.

https://i.stack.imgur.com/OZUnl.png

Using Postman to access OAuth 2.0 Google APIs

Follow WeChat

Want to stay one step ahead of the latest teleworks?

相似问题

Platform

Support

Contact US