is there any way how to get the list of all usernames for a specific account in GA. And as output it would be shown in Google Spreadsheet.
Moreover, can you find all properties/profiles using GA API the user is having access to?
Thanks in advance.
You can use the User Permissions APIs to list all the users and associated permissions for a particular Account, Property or view.
properties = analytics.management().webpropertyUserLinks().list(
accountId='123456',
webPropertyId='UA-123456-1'
).execute()
For your inverse question of requesting all the accounts, properties and views to which a user has access, you can use the account summaries API to list all the account details for the Authenticated user.
account_summaries = analytics.management().accountSummaries().list().execute()
Related
We're about to implement processing Google Analytics report data in a web application.
Is there a "consent window way" to grant access rather than having to manually generate access tokens and configuring access to report views?
Google analytics data is private user data. In order to access a users data you must have their permission. To gain the permission of a user you request their consent to your application accessing their data.
To do this we use Oauth2 there is no other way to access a users data you are going to have to request consent of the user. Oauth2 always shows a constant screen to the user the first time
We use the LinkedIn API to list companies that a user admins.
We have our App set to get r_fullprofile and rw_company_admin when the user grants permission.
We're trying to list all of the companies the user has admin access to via:
http://api.linkedin.com/v1/companies:(id,name,square-logo-url)?is-company-admin=true
<error>
<status>403</status>
<timestamp>1432323149224</timestamp>
<request-id>XXXXXXXXXX</request-id>
<error-code>0</error-code>
<message>Member [user id] does not have permission to get companies as admin.</message>
</error>
According to the Manage Company Pages docs, as long as we have the rw_company_admin scope, we should be able to call this endpoint.
I've read through the Developer Program Transition docs (https://developer.linkedin.com/support/developer-program-transition) but it doesn't seem to affect this usage of the API.
ETA: This has been flagged as a possible duplicate of LinkedIn API unable to view _any_ company profile
That question is about fetching details for a single company (which the user may or may not administrate). My question is about listing companies that the user specifically does administrate.
According to new api changes user should be administrator of target company. Read this .
All calls to Companies API endpoints will require the authenticated user to be flagged as an administrator of the LinkedIn Company Page that is the target of the API call. You become the administrator of a page when you create it. If the page already exists, you will have to contact the existing administrator to grant admin access to other LinkedIn members.
I faced the same problem and the problem was with the initial authorization code. You should mention the scope=rw_company_admin while doing the initial redirect URL call. Something like this -
https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=your_client_id&redirect_uri=https%3A%2F%2Fwww.google.com/&state=12345&scope=rw_company_admin%20r_emailaddress%20w_share%20r_basicprofile
If I create a new product, use simple auth, there is a "create user" API. How do I restrict it so that only invited emails (either by the email or via a one-time key) can sign up? Doesn't seem to fit easily into the rules, but I am probably missing something.
First, I should point out that the core Firebase API uses JSON Web Tokens for auth, which you can generate yourself, so you have full control over the creation of user accounts and can restrict it however you like:
https://www.firebase.com/docs/security/custom-login.html
I'm guessing you're referring to our Simple Login service.
Simple Login is a service that provides some common login options. It has no way to restrict creation of new accounts. However, you can restrict what those accounts can do with Firebase. For example, you could set your security rules up so that only user accounts in some authorized list (in Firebase) are actually able to read or write data.
I created multiple accounts as described here.
Is there a way to delete some user account?
Is there a way to see all the existing user accounts?
The deletion and listing of user accounts created with Firebase Simple Login has been enabled once again in Forge, and will list the email / password-hash mappings as well as allow you to delete those mappings.
Keep in mind that Firebase only automatically stores an email address / password hash combination for Simple Login, and stores it separately from data in your Firebase so that you don't have to worry about managing that data securely.
This means that if you are storing user account data in your Firebase tree following a structure such as /users/$user, then you can always access the data via Forge (accessed at https://<your-firebase>.firebaseio.com) and view / modify your data there. I'll follow-up here once we've made progress to the Simple Login account management functionality. Thanks!
I have built a web application that uses a service account linked to my own Google Account. We use Google Apps, so my Google Account is part of a domain. We have a server with shared contacts, so all of our clients are available as contacts for everyone. In my contacts, this group is called 'directory'.
The application retrieves events from the Google Calendar using the Google Api PHP client. It also retrieves attendees inlcuding all details for those attendees. But if the attendee is not within our domain, it will only retrieve the e-mail address. I also want to get the name for that attendee.
These names are in my contacts in the directory group. When I create an event and invite guests, I can retrieve these contacts and it will show the name and mail adress. But when retrieving the attendees via the API it does not show these names.
Is this a restriction of the API? Is there a solution for this?
I do not want to use the Contacts api with a non-service account, because I don't want to give permission everytime. It is not possible to use the Contacts api with a service account as far as I know.
You are correct that a service account won't work with the Contacts API, however you don't have to authorize it every time you use it. You can provide domain-wide delegation with two-legged OAuth 1.0a instead of 2.0. See https://developers.google.com/google-apps/contacts/v3/index#authorizing_requests_to_the_+wzxhzdk8+_service and https://developers.google.com/accounts/docs/OAuth#GoogleAppsOAuth.
Depending on your setup, you can also use the three-legged OAuth 2.0 flow for a single administrator account and save the refresh token. This would let you re-use that authorization without requiring explicit permission again.