Generating a refresh token for YouTube API calls using the OAuth playground

Generating a refresh token for YouTube API calls using the OAuth playground


MALE SPEAKER: In this tutorial,
we’re going to show you how to obtain a refresh
token for testing your code without having to write
the code to handle the authorization flow yourself. The first thing you’ll want to
do is [? browse to the ?] OAuth Playground. The OAuth Playground is a tool
hosted on Google Developers site that lets developers
see authorization flow step-by-step and see
how API calls are made at the HTTP layer. You can find the OAuth
Playground at developers.googl e.com/oauthplayground or by
searching for OAuth Playground in your favorite
search engine. For today’s tutorial, we’re only
going to show the steps required to obtain a long-lived
refresh token that we can exchange for access
tokens to make YouTube Data API and YouTube Analytics
API calls. The first thing we need to
do is configure the OAuth Playground to use our client
secret and client ID. Let’s find our client ID and
client secret from the Google API Console. We’re going to need
these in a second. Browse back through OAuth
Playground and click the Settings button. Let’s check the box using Use
Your Own OAuth Credentials. And let’s make sure the access
type is set to Offline, because this is what we need
to ensure that we receive a long-lived refresh
token and not a short-lived access token. You’ll be presented with two
fields, one for client ID and one for client secret. Let’s copy-paste the values
over from the API console. There’s one more thing
we need to set up. Note that we have a redirect
URI set up that points to developers.googl
e.com/oauthplayground. This is important because the
OAuth Playground requires us to redirect back through
Playground after an authorization step. Let’s click on Edit Settings. If we haven’t set this yet,
let’s enter this into the Authorized Redirect URIs
box and click Update. Now let’s go back through
OAuth 2.0 Playground. Let’s select the APIs
to authorize. Scrolling down, we’re going to
select the YouTube Analytics API, a read-only scope, and
the YouTube Data API v3. Now let’s click Authorize
APIs. We’ll be forwarded to
a page where we’ll need to grant access. If we’re in charge of multiple
channels, we’ll first be presented with an
account picker. Let’s click Accept
and continue. We now have an authorization
code, which we can use to exchange for a refresh token
and access token. Let’s click Exchange
Authorization Code for Tokens. The OAuth 2.0 Playground will
populate the refresh token and access token fields after
making the API call. We can start using these
immediately. But the value we want
[? to save for our ?] scripts is in the refresh
token field. As we can see, the access
token will expire in about one hour. The official Google API clients
will all handle obtaining an access token for
us as long as we supply a client ID, client secrets,
and refresh token. And that’s how we generate a
refresh token using the OAuth Playground.

Only registered users can comment.

  1. If you are using PHP, you may want ti try this OAuth client library that can take care of refreshing expired tokens automatically.

    phpclasses org blog/package/7700/post/2-Offline-Access-to-Google-and-other-OAuth-based-API.html

  2. This doesn't seem to work for "installed applications", as the APIs Console doesn't seem to allow for adding in any more Redirect URIs…the installed applications API only defaults in: "urn :ietf:wg:oauth:2.0:oob" and "h t t p ://localhost" redirect URIs.

  3. If you get an error like 
    Error: invalid_client
    no application name
    Request Details

    Read this: http://stackoverflow.com/questions/18677244/error-invalid-client-no-application-name

  4. Could you expand on the comment at 3:40 – "The official Google API clients will all handle obtaining an Access Token…"
    Do the client libraries handle refreshing the access token behind the scenes, as required?
    For example using the .Net library, you call GoogleWebAuthorizationBroker.AuthorizeAsync(…).
    Does this check the store for a previous refresh token and transparently use it to obtain a new Access Token if the current one has expired?

    thank you,

    John

  5. Nice explanation and very concise but some screens are outdated in the video (not easy to follow the steps but not impossible)

  6. i have got a refresh token it is failing to get new access token automatically before older access token expires . it is expiring after 1 hour and showing "refresh token expired" error , then i'm supposed regenerate it again plz tell me any solution
    .

Leave a Reply

Your email address will not be published. Required fields are marked *