On this page, https://developers.google.com/analytics/solutions/crm-integration#summary-of-crm-data-integration-options-for-google-analytics ,
at the end of the table, for measure "Your Google Analytics profile based on user Id only shows activity for authenticated users". What does authenticated users mean in this case?
Ok I will try and clear this up. Normally when you send info to Google Analytics you use Cid think of it as a session id. So if I am on your website using chrome I get a session id and everything is sent using that cid. Then if for some dumb reason I start Internet Explorer well I get a different session id and am sending hits using a different cid. So Google analytics sees me as two different sessions.
Now if your website has a login function. I login and you send my login id as uid. Then for some unknown reason I start internet explore and login to your website again I have a user id. I am authenticated to your website and you send and the Uid for my activity both on chrome and internet explorer will be recorded as the same person.
First option logs as to separate sessions, second Google Analytics will detect that it is in fact the same person over several sessions.
The authenticated user is the users authentication or login on your website or application.
I'd use an ETL tool for combining the data from a Google Analytics account and a CRM software. The reason for doing that is so you can normalize the data.
The authentication is typically handled by the ETL vendor through API access key or OAuth log in.
There're a lot of tools that do this, Fivetran, Acho, Stitch and others.
Related
I am something of a Google Analyitcs novice.
I have a PHP website that allows client to add their website names in order to advertise for services. When they add a website they own they have to validate it by allowing my server to login to their google analytics via the standard OAUTH permission screen etc, find their property and read their number of visits for the last month. The authorisation is stored in a session access token as $_SESSION['access_token'], which is then lost as soon as the session is closed or the user cleans out their browser. I think Google calls this a "web server application".
The problem is I would now like to run a cron every day on my server that accesses the google analytics of each of these customers who have authorised me and downloads the last days visitor numbers in order to be able to display them on the website. The problem I have is obviously I cannot be asking for the users OAUTH permission because it is occuring every day and without the user being present.
1) Would this new use case that does not require OAUTH and the users presence if they have already previously authorised me be a different type of application? What google analytics calls a "Service application"?
2) If it were a different type of application such as "service application" would I be able to loginto these accounts to pull the readonly data already authorised in the previous OAUTH web application, without requiring any further user input. Basically do the authorisations previously granted transfer over to a different type of application if I limit myself to using the same email address and using only the readonly properties I was granted access to?
I would appreciate any pointers or help - thanks.
So in the end I solved this by setting up OAUTH for a web app and then using refresh tokens to avoid having to ask for authorisation each time.
I need to develop a new PHP script which connects to my LinkedIn company page and then backup some datas. I read the official documentation on company pages management and the one about the OAuth2, but why should I use it ?
I don't understand : I don't want people to login on my website thought their linkedin account, I only need to connect to my company page in order to grab some datas.
PS : I already created an application on https://developer.linkedin.com/my-apps. What URL should I request with the "Client ID" and "Client Secret" keys ? I'm lost
LinkedIn requires you to use OAuth2.
A workaround for this is to authenticate under your account or your company account, get the access token, and store it in a database. The application then reads the token from the database to be submitted with any API calls, bypassing the need for users to authenticate themselves when they hit the website. This will allow you to display the company updates from LinkedIn on your homepage without prompting visitors for OAuth2 login.
If you take this approach, the token expires every 90 days and needs to be renewed. Depending on the amount of traffic you get, it might also be worthwhile to look into caching the API response so you're only making an API call every hour or so. Your developer account limits the number of API calls you can make in 24 hours, and if you exceed the threshold you will be locked out of making any additional requests until the following day.
We allow our users to connect their Google Analytics account to our CMS. However, many of them choose to have us manage their GA, so we have a lot of properties.
Each property has its own View ID, and when we connect the View ID, we do so by entering the View ID. Then, the account select prompt shows up. We select the account that owns the property (which is usually the same account, say admin#company.com), and then retrieve access and refresh token.
This all works well. Except, sometimes it seems the refresh token invalidates.
Is this because of the refresh token limit (we definitely manage more than 25 clients)?
If so, what would be a better way to connect the property to the site, while still allowing users to use their own GA account if they wish to do so?
I was thinking of trying to retrieve which google account is being use for the connect, but I am not sure how I would do that.
Any ideas?
I figured it out. The refresh token limit is per actual google account, took me a while to figure that out. I now store a default value in the main DB and if that one can access the ID that is to be connected, the default is used. Otherwise it will redirect to the Google auth window and authenticate normally.
This may seem like a totally idiotic question but I am looking at writing a web app/service that will utilize google's calendar API's and I needed to see if I have the ability to write to a users calendar when the user isn't logged into there google account. I couldn't find any clear documentation that illustrated whether or not I could do this or not. I pictured the authorization process something the user agrees to when they sign up for my site and then my app can go add things to there google calendar. Does anyone know if this is possible? If so, can someone hook me up with a link that illustrates how that works?
Thanks in advance
You're thinking about "logged in" wrong.
Because web connections don't persist between requests, any web-site or web-service is checking headers such as the Authorization header and/or Cookie header (depending on what authorisation method is used), with each and every request and matching the request to a user.
Hence logging in* means that the web client (browser or whatever) is set to use the details that relate to a particular user in making the request.
When you use the API, the authorisation information you send, is performing the same job. As such, when the user is using your API they are logged in through your API, whether they're logged in through a web page or other application or not.
E.g.:
My web browser is currently logged into google to an account I use for work stuff.
My mail client is logged into google calendar to an account I use for private stuff.
When I look at google calendar, I see that I don't have any calendars (I don't use it on my work account).
When I look at Thunderbird, I see my calendars.
If I peek at the traffic being sent by the browser and mail client, on both I see headers like:
Authorization: GoogleLogin auth=...stuff I'm not going to share or it would help you impersonate me
So, I'm "logged in" on Thunderbird because the code using the API logs me in itself.
Indeed, the same application can access multiple accounts and be "logged in" to all of them, as long as it has the authentication details to do so.
*Strictly, some would argue that "logged in" isn't the correct term at all, and refers to different sorts of access mechanism where there is state on the connection. Whatever about that opinion, we use the metaphor of being or not being logged in, because users understand it.
The answer to your question is yes. Use OAuth 2 and the Authorization Code flow (web server flow), with offline enabled. Store the refresh tokens (which last indefinitely until the user has revoked), and you'll be able to upload events to Google Calendar even when the user isn't currently logged in.
More info: https://developers.google.com/accounts/docs/OAuth2WebServer#offline
Credits to Ryan Boyd for this note.
Is it possible, with the Google Calendar API / Zend Gdata, to get the user's google email address, after he successfully authenticated with AuthSub and I have an access token?
I have a problem with some users having multiple Gmail and Google Apps accounts, and then not remembering which one they've used to Sync with my service and having the impression that the sync doesn't work. I'd like to display them the Google Account they have first authenticated with.
Have you tried the experimental settings API? It looks like it returns the user's name and email address in the author section.