Using Postman to access OAuth 2.0 Google APIs

Question

I am trying to access Proximity Google API using Postman chrome app. I have followed tutorials on postman and google dev website but I'm still getting 401 error message.

What am I doing?

• Step 1 - Enable Proximity API:

In order to use Proximity API, it has to be first enabled in Google Dev console. Using this tutorial I have enabled support for Proximity API for my project

• Step 2 - Get the credentials:

According to this tutorial, I need to get client ID and secret. This is where I am confused. Credentials->Add credentials->OAuth2.0 client ID->select Chrome App radio button (since I am using Postman)->enter last part of Postman's Chrome Web store URL [which is fhbjgbiflinjbdggehcddcbncdddomop]->hit create button These steps will only generate a client ID, not a secret..am I doing something wrong?

From the Google Dev console, one can download an JSON file which has client id, auth URI and Token URI

I downloaded this but this is of little help if I am using Postman. I am guessing this JSON file is something that can be included in a JS application.

• Step 3 - Use Postman to test the API

What am I getting?

And, once I click on the debug URL, I see the following screen

Answer 1

Postman will query Google API impersonating a Web Application

Generate an OAuth 2.0 token:

1. Ensure that the Google APIs are enabled

2. Create an OAuth 2.0 client ID

   • Go to Google Console -> API -> OAuth consent screen
     • Add getpostman.com to the Authorized domains. Click Save.
   • Go to Google Console -> API -> Credentials
     • Click 'Create credentials' -> OAuth client ID -> Web application
       • Name: 'getpostman'
       • Authorized redirect URIs: https://www.getpostman.com/oauth2/callback
   • Copy the generated Client ID and Client secret fields for later use

3. In Postman select Authorization tab and select "OAuth 2.0" type. Click 'Get New Access Token'

   • Fill the GET NEW ACCESS TOKEN form as following
     • Token Name: 'Google OAuth getpostman'
     • Grant Type: 'Authorization Code'
     • Callback URL: https://www.getpostman.com/oauth2/callback
     • Auth URL: https://accounts.google.com/o/oauth2/auth
     • Access Token URL: https://accounts.google.com/o/oauth2/token
     • Client ID: Client ID generated in the step 2 (e.g., '123456789012-abracadabra1234546789blablabla12.apps.googleusercontent.com')
     • Client Secret: Client secret generated in the step 2 (e.g., 'ABRACADABRAus1ZMGHvq9R-L')
     • Scope: see the Google docs for the required OAuth scope (e.g., https://www.googleapis.com/auth/cloud-platform)
     • State: Empty
     • Client Authentication: "Send as Basic Auth header"
   • Click 'Request Token' and 'Use Token'
4. Set the method, parameters, and body of your request according to the Google docs

Answer 2

The best way I found so far is to go to the Oauth playground here: https://developers.google.com/oauthplayground/

1. Select the relevant google api category, and then select the scope inside that category in the UI.
2. Get the authorization code by clicking "authorize API" blue button. Exchange authorization code for token by clicking the blue button.
3. Store the OAuth2 token and use it as shown below.

In the HTTP header for the REST API request, add: "Authorization: Bearer ". Here, Authorization is the key, and "Bearer ". For example: "Authorization: Bearer za29.KluqA3vRtZChWfJDabcdefghijklmnopqrstuvwxyz6nAZ0y6ElzDT3yH3MT5"